Microsoft warning over browser security flaw

zappaDPJ · Jan 31, 2011, 14:47:13

QuoteMicrosoft has issued a "critical" warning over a newly-discovered flaw in Windows.

In a security advisory, the company warned of a loophole that could be used by malicious hackers to steal private information or hijack computers.

The bug potentially affects every user of the Internet Explorer web browser - around 900 million people worldwide.

http://www.bbc.co.uk/news/technology-12325139

This one really is quite nasty so if are an IE user you should apply this fix now: http://support.microsoft.com/kb/2501696

DorsetBoy · Jan 31, 2011, 15:38:38

Thanks Zap

Rik · Jan 31, 2011, 16:43:53

Ditto.

Ray · Jan 31, 2011, 16:44:23

pctech · Jan 31, 2011, 17:41:58

Cheers Zap, workaround applied.

MisterW · Jan 31, 2011, 18:24:15

Now, Rik, if you'd taken the leap of faith to Linux you wouldn't have these sort of probelms

Rik · Jan 31, 2011, 18:25:53

I have the disc and the machine, even a book, I just haven't had the time.

pctech · Jan 31, 2011, 19:09:12

And you meed to devote a lot of time to Linux.

Rik · Jan 31, 2011, 19:10:16

That's right, Mitch, encourage me.

pctech · Jan 31, 2011, 19:14:44

I have to admit I gave up but might get myself a laptop and dual boot it so can tinker at work.

Rik · Jan 31, 2011, 19:16:47

It's a laptop I plan to convert, Mitch. Having a spare seems a bit redundant these days.

Glenn · Jan 31, 2011, 19:32:24

Just go for it.

Glenn · Jan 31, 2011, 19:33:09

I bet you can't get it to look and behave like XP though

Rik · Jan 31, 2011, 19:35:14

I'm not playing, then.

armadillo · Jan 31, 2011, 19:38:20

The other obvious workaround is not to use IE. The vulnerability lies in ActiveX and Active Scripting. These are not supported in Firefox, Opera, Chrome or Safari. The only thing that supports these abominations is IE. No mainstream bank or financial institution will code their sites so as to be dependent on using IE.

Lance · Jan 31, 2011, 22:55:27

I think Egg requires it fo their money manager actually.

armadillo · Jan 31, 2011, 23:12:48

Good reason not to bank with Egg then.

Lance · Jan 31, 2011, 23:29:28

I don't any more

pctech · Feb 01, 2011, 16:00:13

Unfortunately First Direct's Internet Banking Plus uses the same tech as I asked about it when I joined them.

All the passwords are supposedly encrypted on your system but I'd rather they be on a bank's server somewhere behind several firewalls.

armadillo · Feb 02, 2011, 00:08:02

So is their active scripting something that is fundamental to accessing the site at all or is it only needed for some money management add-on that you can get by without?

I operate on-line bank accounts at Halifax, NatWest, Barclays and Nationwide. They all have different logon and authentication procedures but they all work perfectly in Firefox.

dudwell · Feb 02, 2011, 11:39:10

International phone call yesterday from heavily-accented chap claiming to be Microsoft Support and wanting to help. I hung up of course. They don't waste any time do they?

Rik · Feb 02, 2011, 11:40:45

Time is money.

Lance · Feb 02, 2011, 11:59:20

If I ever get one of those calls I'll just tell them I use Linux.

Rik · Feb 02, 2011, 12:10:27

Better yet, Mac OS.

DorsetBoy · Feb 02, 2011, 12:15:21

Better still is to never get disturbed by any of these calls.