Microsoft fixes big browser bug - GoFuckYourself.com

DVTimes · 08-02-2004, 05:06 PM

Microsoft fixes big browser bug

Sensitive information was at risk
Microsoft has fixed a bug in its Internet Explorer browser that led some experts to recommend people use a different way to surf the web.
The download.ject bug was spotted in late June and allowed infected machines to be controlled remotely.

Code to exploit this bug was somehow inserted on to some popular websites, infecting everyone that visited.

Until now the only protection against the bug were tools to detect the malicious code and remove it.

Browsers beware

Microsoft said the patch had taken a month to finish because it wanted to be sure that it did not cause more problems than it solved for users.

In the same security update Microsoft is also patching other holes in its browser that could be exploited in the same way as download.ject.

Microsoft urged users to download the patch and apply it as soon as possible.

Those struck by download.ject risked having confidential information, such as passwords and credit card numbers, stolen from their computer.

Security experts recommended that people use another browser because of the novel way that the malicious bug spread and because Microsoft had, until now, no way to protect against it.

However, soon after the download.ject bug was discovered the main danger was defused when Russian server dispensing the malicious code was shut down.

http://news.bbc.co.uk/1/hi/technology/3527192.stm

hydro · 08-02-2004, 05:07 PM

theres an exploit for the patch already out

Doctor Dre · 08-02-2004, 06:22 PM

Time to run windows update ...

Doctor Dre · 08-02-2004, 06:23 PM

Quote:

Originally posted by hydro
theres an exploit for the patch already out

ROFL !!! How the fuck can m$ take months to fix something and hacker take a day to undo-it ... this is crazy or some m$ programmers are just sitting on their asses

08-02-2004, 05:06 PM	#1
DVTimes xxx Industry Role: Join Date: Jun 2003 Location: UK Posts: 31,547	Microsoft fixes big browser bug Microsoft fixes big browser bug Sensitive information was at risk Microsoft has fixed a bug in its Internet Explorer browser that led some experts to recommend people use a different way to surf the web. The download.ject bug was spotted in late June and allowed infected machines to be controlled remotely. Code to exploit this bug was somehow inserted on to some popular websites, infecting everyone that visited. Until now the only protection against the bug were tools to detect the malicious code and remove it. Browsers beware Microsoft said the patch had taken a month to finish because it wanted to be sure that it did not cause more problems than it solved for users. In the same security update Microsoft is also patching other holes in its browser that could be exploited in the same way as download.ject. Microsoft urged users to download the patch and apply it as soon as possible. Those struck by download.ject risked having confidential information, such as passwords and credit card numbers, stolen from their computer. Security experts recommended that people use another browser because of the novel way that the malicious bug spread and because Microsoft had, until now, no way to protect against it. However, soon after the download.ject bug was discovered the main danger was defused when Russian server dispensing the malicious code was shut down. http://news.bbc.co.uk/1/hi/technology/3527192.stm __________________ The Affiliate Program

08-02-2004, 05:07 PM	#2
hydro Confirmed User Join Date: Dec 2003 Location: Dirty 3rd Posts: 4,216	theres an exploit for the patch already out