US and UK Governments Advise Avoiding Internet Explorer Until Bug Fixed 153
martiniturbide (1203660) writes "Reuters is reporting that 'The U.S. and UK governments on Monday advised computer users to consider using alternatives to Microsoft Corp's Internet Explorer browser until the company fixes a security flaw that hackers used to launch attacks.' The article states that 'The Department of Homeland Security's U.S. Computer Emergency Readiness Team said in an advisory released on Monday that the vulnerability in versions 6 to 11 of Internet Explorer could lead to "the complete compromise" of an affected system.'"
Oh Noes! (Score:5, Funny)
Re:Oh Noes! (Score:5, Funny)
Re: (Score:1)
I telnet to getfirefox.org, you insensitive clod!
Why telnet if you can use butterflies to communicate with the server.
Re: (Score:2)
I telnet to getfirefox.org, you insensitive clod!
Why telnet if you can use butterflies to communicate with the server.
Using butterflies would cause too many latency issues, whether you're using the butterflies for direct transmission or generating cosmic rays via the butterfly effect.
Re: (Score:3, Informative)
Re: (Score:2)
Wuss: real men just use wget.
Re: (Score:2)
The telnet client is not installed by default on Windows anymore. You'd have to teach people how to add it from the control panels.
Re: (Score:2)
In PowerShell:
pkgmgr /iu:"TelnetClient"
Bootstrap with a mobile device (Score:2)
Re: (Score:2)
Don't forget to check the Authenticode signature on the Firefox package (and check the key and CA as well...) Before anything gets installed on Windows, I check the signatures. I've been surprised, and quite glad that I've done so, as some download places "repackage" the installers for other programs and re-sign the executables... and usually there are unwanted (well, more accurately, potentially unwanted) additions.
Re: (Score:2)
Crap - *now* they tell me. I had to use IE (v.$latest in Windows 7) to get an .iso from MSDN, because the damned site screams and complains if you use anything else.
Re: Oh Noes! (Score:2)
Re: (Score:2)
Re: (Score:2)
How are people going to download Firefox?
You can open a Windows Explorer window and use it to access FTP servers.
Re: (Score:3)
How are people going to download Firefox?
Open the command terminal* : [Towel Key + R]
"cmd" [Enter]
In the resultant terminal:
ftp
open ftp.mozilla.org
The username and password are both "anonymous" (sans quotes).
cd pub/mozilla.org/firefox/releases/latest/win32/en-US
ls
binary
get "Firefox Setup [version].exe"
bye
Firefox Setup [version].exe
Replace [version] above with the version number you wish to download. You may also "lcd [directory]" to change the local directory the download will appear in. Selecting a 64 bit version of Firefox or downloadi
Re: (Score:1)
There really should be some effort to distribute Firefox on SD card or other non-download media, or at least a placeholder that contacts mozzila.org without needing Internet Explorer. We've been reading about this kind of thing on Slashdot for years now.
Re: (Score:1)
Easy. Microsoft suckasses in the I.T. department.
Re: (Score:3)
With the numerous gaping holes in security discovered in IE over the years, it's incredible that people are still using it. I guess they don't know there are alternatives?
Someone who knows of alternatives may happen not to have ready access to another PC that already has Firefox. It's not like you can get public releases of Firefox through FTP anymore:
Re: (Score:3)
Not directly through Mozilla. But there are third-party FTP servers run by trustworthy organizations that host it I'm sure.
Re: (Score:3)
Real men use telnet to port 443.
Re: (Score:1)
Re: (Score:1)
Or the NANDputer (Score:2)
Re: (Score:2)
Real men design and make their own CPU first.
Real men don't need a CPU. They just whistle into the modem and listen to the response.
Re: (Score:2)
Real men punch cards!
Re: (Score:2)
Bull. Real men telnet to Port 80.
Real men realize that "Telnet" is not synonym to "raw connection".
Yeah, it will probably work just fine, but in theory you're not supposed to connect a Telnet protocol client to HTTP protocol server.
On it! (Score:3)
Re: (Score:2)
yum -y install lynx
Whew. OK here.
Re:On it! (link) (Score:2)
Of course, it is a bit dated, and some of the bits may be rusty.
Re: (Score:2)
That is one heck of an addictive game sir... congrats...
Re: On it! (Score:2)
Dammit, get a *secure* browser!
Go HotJava all the way...
http://en.wikipedia.org/wiki/H... [wikipedia.org]
Government (Score:1)
How many government employees have no choice but to use IE themselves?
Re: Government (Score:5, Informative)
Numerous NYS web pages whos use is MANDATED for local government REQUIRES IE 8. For the Win7 machines (dictated by HIPPA as securable) we have to disable ActiveX security, add it to trusted sites, AND fire up the developer tools to get it into IE 7 compatability. The page I am specifically thinking of is the Department of Health... you know where all your medical records are.
Security is poorly spun illusion at this point. If the feds wanted the Internet to be secure then they should have reigned in the spooks in the beginning.
Re: (Score:3)
minor edit... (Score:2)
you could have stopped after "explorer" and had just as valid a recommendation...
Kinda funny... (Score:1)
we have to use "legacy mode" aka IE6 (Score:2)
that pesky Visual Basic in all those hack apps...
Re: (Score:3)
Re: (Score:2)
Too wordy (Score:2)
About three words too many.
Convenient timing. (Score:5, Insightful)
Just in time for XP to go out of support for most people, now you get this 'well publicized' bug that wont get patched, in effect. I expect only the latest version of IE to be patched, which will NOT run on XP even if you wanted to.
Re: (Score:2)
IE6, 7 and 8 will be patched for Windows Server 2003, which uses the same IE binaries.
Re: (Score:1)
yeah and as no other browser works on XP, people have no choice but to ugrade :-O
Re: (Score:2)
And some enterprise apps will choke on them, leaving your suggestion useless.
Re: (Score:2)
Just in time for XP to go out of support for most people, now you get this 'well publicized' bug that wont get patched...
A rational observer would view that as borderline suicidal on Microsoft's part. I'm guessing that Satya will go the suicide route and I applaud.
Re: (Score:2)
Just in time for XP to go out of support for most people, now you get this 'well publicized' bug that wont get patched...
A rational observer would view that as borderline suicidal on Microsoft's part. I'm guessing that Satya will go the suicide route and I applaud.
I'll bring the orange slices.
Re: (Score:2)
Re: (Score:1)
How about MS's public statement that they've stopped providing security updates for XP as of earlier this month?
Re: (Score:2)
Care to cite any sources you have refuting this?
I was firmly under the impression XP updates are no more unless you are a huge company/government.
Source: http://windows.microsoft.com/e... [microsoft.com]
The solutions listed are:
"Upgrade" to win8.
Buy a new computer.
What the fuck makes you think they are 100% going to patch versions that work on XP?
I would even settle for why you believe it to be "likely not true"
Re: (Score:2)
My assumption would be that they're going to patch the version that runs on Windows 2003, which is the same as the one that runs on XP.
Re: (Score:2)
While it may happen, i wouldn't blindly assume that. They want people off 2003 as well.
Re: (Score:3)
That OS doesn't officially EOL until next year.
Re: (Score:2)
So they'd want to force their paying customers to migrate their servers? Why would they stay a customer of a company who doesn't honour agreements?
Microsoft don't want Windows 2003 customers off Windows, they want them on the next current version they're selling.
Re: (Score:2)
Yes: Convenient timing. (Score:2)
Re: (Score:2, Insightful)
Care to cite any sources you have refuting this?
I was firmly under the impression XP updates are no more unless you are a huge company/government.
Source: http://windows.microsoft.com/e... [microsoft.com]
The solutions listed are: "Upgrade" to win8. Buy a new computer."
Whoops - you missed a couple:
Buy a Mac
Run Linux
Go Chrome
FTFY
I could really give a Rat's ass if Microsoft blew up every OS they had, because Microsoft is on the fast track to being the outlier, the misfit, the non standard OS.
Writing programs for specific versions of IE is just the sort of short sighted stupidity that tells us that Microsoft shills are just what we think they are - incomparably unintelligent. Did these asshats think that the web and it's technology was going to magically stop at
Re: (Score:2)
Mum has been running on Linux for as long as I can remember now ; she had to remind me that it was well before 2012 that I first installed Ubuntu for her. For her needs, it's ideal, and I don't have to worry about her getting horrible malware, or falling prey to the scammers who ring up and claim to be "from Windows Support" - you tell them you're running Linux and they hang up pretty quickly.
Internet Explorer? What's that? (Score:2)
Re: (Score:2)
I can't remember the last time I used IE(some version), seriously...I can't...must be like 8-10 years ago, or the numerous times I used a Windows computer...tried to follow an e-mail link that wanted me to use IE....when I denied it...just wanted to fire up my FireFox, so many times MS tried to force me to use IE, and I always ignored it because it never gave me what I want in the first place. Good riddance. RIP IE.
The only PC I saw lately where somebody habitually clicks the E instead of the Fox is completely malware ridden to the point of unusability. I figure, leave it that way, there's no point cleaning it up, it will be that way again in a day or two. Eventually I will stick in a new hard disk with Ubuntu on it and there will be no need to explain why it's better.
Don't forget this Flash 0-day (Score:2)
A 0-day for Adobe Flash was also patched today [krebsonsecurity.com].
For some reason I had three different and separate updates I had to do to fix this:
1) Chrome automatically updated something and was running the latest version when I checked
2) The plugin that Firefox uses only seems to look for updates when I reboot. I found this guide [karlhorky.com] to trigger the update manually, which basically then resulted in it just opening a browser window & making me download an update .exe.
3) Even after that, IE still reported running the older
Re: (Score:2)
Re: (Score:2)
IE uses an ActiveX plugin for Flash, Firefox uses an nsplugin, Chrome has it built in. So yes, three different flash plugins, and three ways to update.
I've always seen the ActiveX as not installed
Flash Driver:
ActiveX Version: Not Installed
Plug-in Version : latest version
I show no default ActiveX running on my Win system other than
HHCtrl Object - hhctrl.ocx
Microsoft RPD Client Control - mstscax.dll ( Remote Desktop ActiveX control - go figure)
Which I've disabled.
And thanks for the word on the flash update, one of the requirements anymore, like it or not; I can't even access my router with out flash.
Re: (Score:2)
That simply sounds like you are using something else than Windows 8. The Windows updates for the Flash plugin are only delivered in Windows 8.
Win7, it's always said the ActiveX plug in wasn't installed no matter the Win version.
I still use the old Opera that has short-cuts, I type in Flash as a URL and go to
http://download.macromedia.com... [macromedia.com] Link will download install_flash_player.exe
None of this oh damn I installed Mcafee by mistake :}
Some people don't care (Score:2, Interesting)
AC because my boss reads /.
My boss, in all his good business instincts and mostly great technical attributes, insists on installing java and downgrading all computers to ie9 instead of going with 11. Now I know 11 had issues with compatibility from time to time, but I am hard pressed to believe that running ie9 with Java is a great way to stay virus free.
Then again we are in the small business and home user repair market maybe he is just trying to go for reoccurring client repairs
Re: (Score:1)
Re:Some people don't care (Score:5, Interesting)
Don't worry, I work in a government agency, IE8 is the only authorized browser (with java of course), and if you gained access to that computer you would have plenty of access to sensitive (but not classified) stuff.
Re: (Score:1)
Warning to IE8 fans... it goes away with Windows Vista, which is the next Windows OS to cross the "no longer supported" line like Windows XP did this month.
Re: (Score:2)
AC because my boss reads /.
My boss, in all his good business instincts and mostly great technical attributes, insists on installing java and downgrading all computers to ie9 instead of going with 11. Now I know 11 had issues with compatibility from time to time, but I am hard pressed to believe that running ie9 with Java is a great way to stay virus free.
Then again we are in the small business and home user repair market maybe he is just trying to go for reoccurring client repairs
I wonder if there is any kind of liability resulting from the gross incompetence of installing old, known to be insecure, software on customers' machines instead of the latest release with the latest security fixes...
(Also, doesn't Windows auto-update to IE 11 anyway? Or are you turning of auto-updates too?!)
Re: (Score:2)
nothing unusual imho (Score:1)
could lead to "the complete compromise" of an affected system
= any browser that isn't Firefox+NoScript.
Could they.... (Score:2)
Re: (Score:3)
Couldn't they have just said "Don't use Microsoft Products, anytime, anywhere, ever?" That's so much easier.
FTFY
Re: (Score:2)
Except IE + EMET is the only browser configuration to never be exploited at pwn2own.
Actual recommendation from US gov (Score:2, Informative)
But don't confuse that with recommending not to use the browser.
Re: (Score:3)
Don't confuse a partial reading of the page with the full text, which goes on to say:
Re: (Score:1)
What's your point? If you are still using XP today, then you absolutely DESERVE each and EVERY millisecond of strife, frustration, aggravation and angst that's coming your way. It's already been deprecated for SEVEN years you luddite fucktard, if you couldn't or wouldn't find a measly $100 in SEVEN, FUCKING, YEARS, then please refer again to my second sentence above.
-AC
Re: (Score:1)
I so, so, wish it was a mere matter of $100
The sheer amount of money that has been pissed away on upgrading from XP to Windows 7 is thoroughly, utterly, disgusting.
For a slightly more server-based example (because we're getting a jump ahead of the Win2k3 Server retirement) ; my infrastructure support team have spent 2 weeks trying (and alas, failing) to replace the Windows Indexing Service, which is no longer supported, for an web app that of course, requires search. The replacement is "Windows Search Serve
Re: (Score:1)
Don't confuse what's offered as a last-ditch possibility with the actual recommendation.
Recommended browser for old XP machines? (Score:2)
What is the recommended free browser to install on an old XP machine, preferably along with an IE-like skin for the older generation?
Re: (Score:3)
I'd say Firefox with Adblock Plus, so they wont get fooled by malicious ads on sites.
Re: (Score:1)
What is the recommended free browser to install on an old XP machine, preferably along with an IE-like skin for the older generation?
Go here:
http://www.linuxmint.com/downl... [linuxmint.com] Download, burn an .iso disk, boot from it, and follow the instructions.
Free browser, a modern and free OS, and it just works.
Life is good.
Re: (Score:2)
Re: (Score:1)
That said, on an XP system you should install EMET 4.1 (http://www.microsoft.com/en-us/download/details.aspx?id=41138) for Windows XP. It will mitigate this and many other issues. You should not be running Windows XP without it, now that XP is EOL. Also, use a third party Antivirus solution like Kaspersky or NO32. And for the love of Dog, do not use Java, flash, or Adobe %products%.
You are forgetting the simple fact that no matter how good emet gets at doing the job of stopping remote exploits the problem is the person behind the keyboard. Do you really think that the majority of people who use XP are capable of understanding what heap execution prevention is? Or understanding what a freaking .dll is? Considering the fact that any OS that can arbitrarily run executable binary code directly off the internet is broken by design. It was ridiculous for Microsoft to release a remote contro
Re: (Score:2)
You, sir (Ol Olseoc), are what makes forums suck, as not only did you not answer the question, but you inserted you own perverted solution.
How odd. I gave a perfectly good answer, for those who might take a little telling.
XP users are in a hard place right now. They are probably using older computers that won't ever be able to handle Windows 7 or 8.
Buy a new computer? Probably not. When these folks should have upgraded was when Microsoft introduced us to Vista. Which was when they found out they not only needed new computers, but new peripherals, because of lack of drivers. And Vista stunk. So they lost trust and waited. Now it is Windows
World's smallest violin (Score:2)
Sigh, another day another IE dilemma. (Score:2)
I don't allow Internet explorer to run, nor have I since Win 3.x. To do so is an equivalent of Russian roulette, it may be good today, but tomorrow it's in the news for a hack out a week ago.
My first use of IE was to log on to Microsoft. I went to the downloads, found a game that sounded good and downloaded it. Only it didn't download, it started installing itself; I unplugged the computer.
It went against everything I saw as safe hex. I know now it was due to ActiveX another bad news MS creation.
I went to
Re: (Score:2)
>I don't allow Internet explorer to run, nor have I since Win 3.x
IE was introduced with Windows 95 OSR 2.1, IIRC.
Your right it wasn't 3.1, but 95. I don't know what version, it was the client that came with NT 4.0.
Why "until"? (Score:2)
Just avoid Internet Explorer all the time.
US-CERT changed its web site. (Score:2)
It said "US-CERT recommends that users and administrators enable Microsoft EMET where possible and consider employing an alternative web browser until an official update is available. ", now it says "US-CERT recommends that users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds. Those who cannot follow Mic
Re: (Score:2)
And when your purchased app *requires* it.. ?
Don't buy garbage, or set UA header (Score:2, Redundant)
a) Don't buy garbage, stuff that works only in a specific version of a specific browser.
b) 90%+ plus, you can just set the user agent header in Seamonkey, Firefox, or Chrome to SAY it's IE and things work just fine.
Re:Don't buy garbage, or set UA header (Score:4, Insightful)
Don't buy garbage, stuff that works only in a specific version of a specific browser.
Three software products dominate a particular vertical market. When your employer chose to adopt one of these products, all three were garbage by your definition. Are you recommending that people in the affected industry resign en masse and retrain for a different industry?
90%+ plus, you can just set the user agent header in Seamonkey, Firefox, or Chrome to SAY it's IE and things work just fine.
Which works fine until an ActiveX control fails to load, or an IE-specific event listener fails to attach.
so you followed my suggestion. Example? (Score:3)
> When your employer chose to adopt one
If your employer did that before you arrived, or over your strong objections, then you followed my advice - you didn't buy garbage. Unfortunately someone else did.
However, I've dealt with a few different businesses and can't think of such a situation where all three leading solutions are ActiveX / IE only. I can think of one where for the GUI, you had to choose between ActiveX, Java, or a local client. A network CLI was also available. I'm curious what case you hav
Re: (Score:2)
And once you get out of school, get a job, and move out of your mothers place, you will understand now the world actually works.
Until then, you only make yourself look stupid with those juvenile and clueless statements. Leave things to us adults.
sorry you screwed yourself (Score:3)
I'm sorry you got fucked. To avoid putting yourself in that situation again, you might want to do two things. First, recognise that vendor lock-in is a risk to the enterprise, and that risk has an accountable cost. When you choose to be locked into TWO vendors, the software vendor AND a supported version of IE, your risk is the multiple of two components.
Secondly, when you find yourself in a situation where such a risk seems unavoidable, broaden your perspective to look at the business processes that cre
Re: (Score:2)
And once you [blah blah blah] you will understand now the world actually works
I thought it works on Android now? [phonearena.com]
Re: (Score:2)
And once you get out of school, get a job, and move out of your mothers place, you will understand now the world actually works.
Until then, you only make yourself look stupid with those juvenile and clueless statements. Leave things to us adults.
Well then, enjoy your Internet Explorer 6 app support and fully expect that you will be out of a job at some point because those people you are mandated to work for make really stupid decisions.
The world works a certain way for professional victims, and a different way for others. On one extreme there are people who won't put up with anything they don't like, and ther is your world. Neither work out well.
So if you have to shovel shit out of the sewers? Just be happy that you have a job, citizen. You
Re: (Score:2)
And when your purchased app *requires* it.. ?
If your "purchased' app requires a specific web browser then you have been royally ripped off.
Re: (Score:1)
Sadly, EMET isn't that often used. It really should be part of the OS and turned on by default similar to the NX protection. Then in a few OS revs, being active for all programs and not just IE, Office, and MS stuff. Other operating systems add security restrictions that are overall good for the ecosystem, but require major program changes left and right. Android's locking down of SD cards and SELinux set to enforce is one example.
I do know that XP does have support to some businesses and organizations.
Re: (Score:2)