Comments on: Revisiting the Internet Explorer Security Bug http://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/ In-depth security news and investigation Fri, 30 Jul 2010 04:29:12 +0000 hourly 1 http://wordpress.org/?v=3.0 By: BrianKrebshttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-5960 BrianKrebs Thu, 20 May 2010 05:01:01 +0000 http://www.krebsonsecurity.com/?p=576#comment-5960 Sure. You can quote me. If you'd like to reach me directly, why not use the contact form on the Web site? or email me directly at krebsonsecurity at gmail dot com. Sure. You can quote me. If you’d like to reach me directly, why not use the contact form on the Web site? or email me directly at krebsonsecurity at gmail dot com.

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Gedichthttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-5959 Gedicht Thu, 20 May 2010 03:51:24 +0000 http://www.krebsonsecurity.com/?p=576#comment-5959 Hello from Germany! May i quote a post a translated part of your blog with a link to you? I've tried to contact you for the topic Revisiting the Internet Explorer Security Bug — Krebs on Security, but i got no answer, please reply when you have a moment, thanks, Gedicht Hello from Germany! May i quote a post a translated part of your blog with a link to you? I’ve tried to contact you for the topic Revisiting the Internet Explorer Security Bug — Krebs on Security, but i got no answer, please reply when you have a moment, thanks, Gedicht

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Mark Ratledgehttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-3407 Mark Ratledge Mon, 08 Mar 2010 21:11:42 +0000 http://www.krebsonsecurity.com/?p=576#comment-3407 Late to the discussion here, but when recently looking at my web server logs, I noticed one IE6 user's domain in particular: The Department of State. I've heard say that many branches of the Federal Goverment still use IE6, and now I believe it. Late to the discussion here, but when recently looking at my web server logs, I noticed one IE6 user’s domain in particular: The Department of State. I’ve heard say that many branches of the Federal Goverment still use IE6, and now I believe it.

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Fiserv to Banks: Stay on Outdated Adobe Reader — Krebs on Securityhttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-3399 Fiserv to Banks: Stay on Outdated Adobe Reader — Krebs on Security Mon, 08 Mar 2010 17:57:12 +0000 http://www.krebsonsecurity.com/?p=576#comment-3399 [...] I wrote about opening up a new account at a local bank and noticed that the branch manager was still browsing the Web with Internet Explorer 6, just days after news surfaced that a zero-day vulnerability in IE6 was used in targeted attacks [...] [...] I wrote about opening up a new account at a local bank and noticed that the branch manager was still browsing the Web with Internet Explorer 6, just days after news surfaced that a zero-day vulnerability in IE6 was used in targeted attacks [...]

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Don Doofushttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-1071 Don Doofus Tue, 26 Jan 2010 12:35:42 +0000 http://www.krebsonsecurity.com/?p=576#comment-1071 I blame Siebel/Oracle for IE6 still being used at corporations. Why does a company buy enterprise software that relies on ActiveX and is very difficult to upgrade? Oh yeah, its the big O's salespeople. Does Microsoft's CRM rely on ActiveX? I blame Siebel/Oracle for IE6 still being used at corporations. Why does a company buy enterprise software that relies on ActiveX and is very difficult to upgrade? Oh yeah, its the big O’s salespeople.
Does Microsoft’s CRM rely on ActiveX?

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: BrianKrebshttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-906 BrianKrebs Sun, 24 Jan 2010 01:54:54 +0000 http://www.krebsonsecurity.com/?p=576#comment-906 I am appalled at how difficult you find it to leave a coherent insult.Seriously, though -- why does urging people to use another browser make them *more* vulnerable than using IE? In addition to using another browser like Firefox, I always urge people to use safety plugins like noscript -- which by the way IE doesn't have.Finally, you should know that while Microsoft said its data execution prevention technology would block these attacks on IE8, researchers were able to show that was not always the case. I am appalled at how difficult you find it to leave a coherent insult.

Seriously, though — why does urging people to use another browser make them *more* vulnerable than using IE? In addition to using another browser like Firefox, I always urge people to use safety plugins like noscript — which by the way IE doesn’t have.

Finally, you should know that while Microsoft said its data execution prevention technology would block these attacks on IE8, researchers were able to show that was not always the case.

Like or Dislike: Thumb up 1 Thumb down 0

]]> By: IEUserhttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-902 IEUser Sun, 24 Jan 2010 01:24:12 +0000 http://www.krebsonsecurity.com/?p=576#comment-902 I appalled by the poor advice given by Security pundits by yourself. By telling people to move away from IE to something like firefox is seriously jeopardizes their security on news OSes like Vista and Win7. Firefox does not support a Protected Mode and without that feature, firefox is FAR WORSER than IE.Why are people like you even allowed to post on the Web.Even if there is an exploit on IE7/8 on Vista/Win7 , protected mode will block i.t I appalled by the poor advice given by Security pundits by yourself. By telling people to move away from IE to something like firefox is seriously jeopardizes their security on news OSes like Vista and Win7. Firefox does not support a Protected Mode and without that feature, firefox is FAR WORSER than IE.

Why are people like you even allowed to post on the Web.

Even if there is an exploit on IE7/8 on Vista/Win7 , protected mode will block i.t

Like or Dislike: Thumb up 1 Thumb down 3

]]> By: Mike Fhttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-839 Mike F Fri, 22 Jan 2010 17:55:16 +0000 http://www.krebsonsecurity.com/?p=576#comment-839 I work as IT for a small savings and loan as IT administrator. I switched all our employees to Firefox as a default web browser at least 2 years ago. There are still applications that require an IE certificate that some users have to use, but they are very aware of why we require them to use an alternative browser.We monitor our website activity as well and still find approximately 60% of our customers accessing our site with some form of IE. We do everything we can to try to educate them. Why? Because its in our best interest as well. The financial institutions are responsible for the fraud if it happens to one of our customers. Something needs to happen to change that and put more emphasis on making the end-user more responsible for his/her own actions IMHO. I work as IT for a small savings and loan as IT administrator. I switched all our employees to Firefox as a default web browser at least 2 years ago. There are still applications that require an IE certificate that some users have to use, but they are very aware of why we require them to use an alternative browser.

We monitor our website activity as well and still find approximately 60% of our customers accessing our site with some form of IE. We do everything we can to try to educate them. Why? Because its in our best interest as well. The financial institutions are responsible for the fraud if it happens to one of our customers. Something needs to happen to change that and put more emphasis on making the end-user more responsible for his/her own actions IMHO.

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Kmanhttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-837 Kman Fri, 22 Jan 2010 17:18:30 +0000 http://www.krebsonsecurity.com/?p=576#comment-837 BTW, this small (21 employees) bank uses mainly IE8. I use Chrome and Firefox for some browsing.One of your earlier posters was correct about IE being the supported version for some required applications. Ours is no less than the Federal Reserve Bank. Their system is paranoidedly tight, and they support IE8, but they only support IE. BTW, this small (21 employees) bank uses mainly IE8. I use Chrome and Firefox for some browsing.

One of your earlier posters was correct about IE being the supported version for some required applications. Ours is no less than the Federal Reserve Bank. Their system is paranoidedly tight, and they support IE8, but they only support IE.

Like or Dislike: Thumb up 0 Thumb down 0

]]> By: Kmanhttp://krebsonsecurity.com/2010/01/revisiting-the-internet-explorer-security-bug/#comment-836 Kman Fri, 22 Jan 2010 17:14:01 +0000 http://www.krebsonsecurity.com/?p=576#comment-836 Brian, the patch did come out the evening of the 21st. Our servers and desktops had it waiting for them this a.m. Brian, the patch did come out the evening of the 21st. Our servers and desktops had it waiting for them this a.m.

Like or Dislike: Thumb up 0 Thumb down 0

]]>