Microsoft Confirms Zero-Day Bug in IE6, IE7 and IE8

CommanderFrank

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,399
After all these years of use, Microsoft is still finding vulnerabilities in Internet Explorer versions 6, 7 and 8. These ‘zero-day’ exploits are being addressed by Microsoft, but recommends the obvious: upgrade to either IE 9 or 10.

Newer versions of IE, including 2011's IE9 and this year's IE10, are not affected, Microsoft said. It urged those able to upgrade to do so.
Click to expand...
 
clever way to encourage people to upgrade to ie9/10 msft...
 
So after all these years it took someone hacking a website and delivering attacks to users of older versions of IE for this to finally surface. Kinda makes you wonder how many other unknown exploits there are to IE or other browsers that are yet to surface.

So glad I have flash and others blocked on most websites and only open it up for sites I have more trust in. Yes I know that shit can still happen but at least I can try to minimize the vulnerabilities.
 
Windows 98 SE hasn't needed a security patch in ages so the fact that IE6 has problems only means that people should switch from junk like XP/Vista/7/8 back to operating systems that are not hackable like 2000 (which has only more recently stopped needing patches) 98, ME, or NT4.
 
The "unhackable" operating system does not exist. To say the Win98se hasn't needed a security patch is to ignore a great many things. Not the least of which is that no one at MS is willing to even look for security issues with it anymore (wether they exist or not).

Internet Explorer has always been a major problem. I don't understand the desire for continuing to use it. This whole thing is of no big surprise to me. There are too many other options that are freely available to anyone. They all have their problems but none are as bad as IE.
 
prndll said:
The "unhackable" operating system does not exist. To say the Win98se hasn't needed a security patch is to ignore a great many things. Not the least of which is that no one at MS is willing to even look for security issues with it anymore (wether they exist or not).
Click to expand...
You need to read his sig, lol, disclaimer.
 
IE6 was a lot more resource-efficient than web browsers that followed and, unlike alternatives, didn't need a ton of plugins from CreeperJoe's Warez Shack to work. Let's go down the list:

Firefox - Unfixed memory leaks since version 2 (3?) and stupid 3rd party plugins + lame Flash support on Windows

Chrome - Google's latest trojan horse spyware disguised as a "free" browser pretty much goes O.O at everything you do.

Opera - Well okay, that's one option :)

Safari - Apple much?

That leaves pretty much versions of IE and of those 6 was the most modern that was efficient and existed in a "we really can just open another window instead of a tab which is pretty much the same thing" world and Lynx which is ultra secure and lots better than IE, but not many people understand how to use it or want to learn how to get around inside it. So IE comes out on top by default since pretty much everything else except Opera and Lynx are spyware or trash.

I admit that under Linux, Firefox works okay, but Lynx is more well maintained under Linux which makes it work better there than in a CLI under Win.
 
I'll admit I didn't even notice the signature....lol

I've been running Firefox 2 for quite a long time now (even downgraded to it....for several reasons). I can live with the memory leaks. It just means I have to restart from time to time (no big deal really). Most of the so-called features in newer browsers are not that impressive to me (many are down right dangerous). Firefox does work better under Linux (completely agree) and many of my computers are linux. Ive seen too much code that only IE will run that makes any computer vulnerable. Never tryed Lynx.
 
03grandam said:
You need to read his sig, lol, disclaimer.
Click to expand...

Stop blowing my cleverly devised cover! :p

prndll said:
I'll admit I didn't even notice the signature....lol

I've been running Firefox 2 for quite a long time now (even downgraded to it....for several reasons). I can live with the memory leaks. It just means I have to restart from time to time (no big deal really). Most of the so-called features in newer browsers are not that impressive to me (many are down right dangerous). Firefox does work better under Linux (completely agree) and many of my computers are linux. Ive seen too much code that only IE will run that makes any computer vulnerable. Never tryed Lynx.
Click to expand...

Lynx is a text-based browser that was (I'm only guessing here) created by demons in the late 14th century to combat attempts by the CIA to compromise their drug cartel by injecting malware into their Pentium Pro-based servers that they were unwisely using to surf the Internet because, back in that day, Windows 2000 with Service Pack 4 didn't warn you not to surf the web from your domain controller. Lynx was a contracted project and, in defining the requirements to the Inca developers, the demons neglected to get specific about what OS they wanted it to run under. Inca programmers built it under BEOS first and then after much protesting and legal wranglings, renegotiated the contract to include a half-hearted port to DOS. Since the copyright for the software expired about 500 years ago and the company that originally coded it no longer exists, a few surviving project members simply released the source code to the world under the GPL and we all know the rest of history from there including its heavy use during the Byzantine Rebellion of 1956 and the Anglo-Saxton Nuclear Incident in 1988.
 
IE10 users need not worry at all, especially since about 90% of web pages won't even load properly with it.
 
cyclone3d said:
IE10 users need not worry at all, especially since about 90% of web pages won't even load properly with it.
Click to expand...

What? Every page I go to opens in it just fine in IE10. I have seen one or two that don't, about the same as firefox and chrome number wise.
 
SkribbelKat said:
IE6 was a lot more resource-efficient than web browsers that followed and, unlike alternatives, didn't need a ton of plugins from CreeperJoe's Warez Shack to work. Let's go down the list:

Firefox - Unfixed memory leaks since version 2 (3?) and stupid 3rd party plugins + lame Flash support on Windows

Chrome - Google's latest trojan horse spyware disguised as a "free" browser pretty much goes O.O at everything you do.

Opera - Well okay, that's one option :)

Safari - Apple much?

That leaves pretty much versions of IE and of those 6 was the most modern that was efficient and existed in a "we really can just open another window instead of a tab which is pretty much the same thing" world and Lynx which is ultra secure and lots better than IE, but not many people understand how to use it or want to learn how to get around inside it. So IE comes out on top by default since pretty much everything else except Opera and Lynx are spyware or trash.

I admit that under Linux, Firefox works okay, but Lynx is more well maintained under Linux which makes it work better there than in a CLI under Win.
Click to expand...

You almost had me Skribbel..but when I read the opera line I instantly remembered your sig.
 
you can't pretend to be serious and troll at the same time. its a art
 
No one expects Opera, our greatest weapon is the element of surprise!

We can fart in hacker's general direction.
 
cyclone3d said:
IE10 users need not worry at all, especially since about 90% of web pages won't even load properly with it.
Click to expand...

devil22 said:
What? Every page I go to opens in it just fine in IE10. I have seen one or two that don't, about the same as firefox and chrome number wise.
Click to expand...
It's true. 90% may be a gross exaggeration, but IE10 has some serious compatibility issues with a large number of websites out there. The problem I have seen with IE10 is how it handles javascript. Running the F12 Developer tools then switching the browsing mode to IE8 or IE9 usually fixes the issue.
 
I think IE needs to be canceled for real. everyone in the world should be forced to use an open source browser like chromium
 
Imaulle said:
I think IE needs to be canceled for real. everyone in the world should be forced to use an open source browser like chromium
Click to expand...

Yea, while we are at it I also think everyone should be forced to drive Yugo's and eat at McDonalds everyday of their life. :rolleyes: I mean why should anyone be allowed to have a freedom of choice, right?
 
03grandam said:
Yea, while we are at it I also think everyone should be forced to drive Yugo's and eat at McDonalds everyday of their life. :rolleyes: I mean why should anyone be allowed to have a freedom of choice, right?
Click to expand...

Amen brother!!
 
SkribbelKat said:
Windows 98 SE hasn't needed a security patch in ages so the fact that IE6 has problems only means that people should switch from junk like XP/Vista/7/8 back to operating systems that are not hackable like 2000 (which has only more recently stopped needing patches) 98, ME, or NT4.
Click to expand...

LOL...the reason for security patches not being issued in ages, is because MS no longer supports them. :D
 
SkribbelKat said:
Hey, I'm offended by that! There are lots of times (like during that last post I made) when I really was dumb. Take it back!
Click to expand...

I'm sorry, Skribs is actually not an evil mastermind. All your trolling is purely accidental. :p
 
What surprises me is that after over 8 versions of IE, there are STILL exploits in it. A browser should not have any code paths whatsoever that allow to write to the disk, period. About the only code path that should be there is the ability to download a file and it has to write it to disk, but that should be restricted to whatever the user who runs it has access to. The fact that javascript and flash code is capable of executing something that changes system files is mind boggling. There is zero reason why such code paths should exist to be exploited. A browser is a viewer application.
 
Red Squirrel said:
What surprises me is that after over 8 versions of IE, there are STILL exploits in it. A browser should not have any code paths whatsoever that allow to write to the disk, period. About the only code path that should be there is the ability to download a file and it has to write it to disk, but that should be restricted to whatever the user who runs it has access to. The fact that javascript and flash code is capable of executing something that changes system files is mind boggling. There is zero reason why such code paths should exist to be exploited. A browser is a viewer application.
Click to expand...

If I exploit code, by definition, I'm running my own code. I'm not sure how your argument applies, when I've exploited the code and am now running my code. My code can do whatever I want it too, including load libraries, and use other coded modules.

The writing to the disk, isn't required to exploit code, SQL Slammer, never wrote to the disk.

Read only parsers can be exploited, and are exploited all the time, all you have to do is to make the parser do something the developer didn't expect.

Now, on IE on later versions with a modern operating system, there is a low rights sandbox around the browser, to try and prevent malcode to break out of the sandbox, but as Pwny showed with Chrome's sandbox, sandboxes can be broken out off.


This posting is provided "AS IS" with no warranties, and confers no rights.
 
Red Squirrel said:
What surprises me is that after over 8 versions of IE, there are STILL exploits in it. A browser should not have any code paths whatsoever that allow to write to the disk, period. About the only code path that should be there is the ability to download a file and it has to write it to disk, but that should be restricted to whatever the user who runs it has access to. The fact that javascript and flash code is capable of executing something that changes system files is mind boggling. There is zero reason why such code paths should exist to be exploited. A browser is a viewer application.
Click to expand...

I completely agree. This is one of things I've been talking about for years. It's one of the reasons I wont use IE. I know there are companies that code their internal systems so that employees are required to use IE just because it will write to the disk. Companies and their IT departments that do this find themselves painted into a corner with this kind of thinking and are often dealing with problems they otherwise wouldn't.

There are times when I would like to have the browser write to the disk for my internally run database. But I usually find other ways around it. It's a double edge sword. Since I use Firefox on everything, alot of it I'll just live without. It really is safer that way.

I remember when SP2 came out for XP and how it was hailed as the be-all-end-all. It was said to be the great achievement that would fix everything and that nothing else would ever have to be done again. Well.....here we are.....
 
Ranma_Sao said:
If I exploit code, by definition, I'm running my own code. I'm not sure how your argument applies, when I've exploited the code and am now running my code. My code can do whatever I want it too, including load libraries, and use other coded modules.

The writing to the disk, isn't required to exploit code, SQL Slammer, never wrote to the disk.

Read only parsers can be exploited, and are exploited all the time, all you have to do is to make the parser do something the developer didn't expect.

Now, on IE on later versions with a modern operating system, there is a low rights sandbox around the browser, to try and prevent malcode to break out of the sandbox, but as Pwny showed with Chrome's sandbox, sandboxes can be broken out off.


This posting is provided "AS IS" with no warranties, and confers no rights.
Click to expand...

Well you still need a code path in the program that allows you to write your own code. I would hope a huge company like Microsoft would not have exploits such as SQL injection or other equivalent exploits. Even then, part of the program would need to be able to compile your code and run it.

I just don't get how these security holes get missed. FF and other browsers are quite vulnerable too these days. It's just sad that in this day and age people can't code stuff that's more bullet proof.

You can't write code and ask another program to execute it if that program does not have an avenue for it to execute it. A browser should not have such avenues. It's like trying to make a text file that will make notepad delete all your programs. That's just impossible as there is no code path in notepad (at least I hope) that would allow a simple text file to make it do something other than display it. A browser simply displays web pages, it should be that simple.
 
Red Squirrel said:
...It's like trying to make a text file that will make notepad delete all your programs. That's just impossible as there is no code path in notepad (at least I hope) that would allow a simple text file to make it do something other than display it...
Click to expand...

Until someone opens an email through Outlook Express (with the preview pain on) which works hand in hand with IE that converts that text file to a batch file.
 
CaptNumbNutz said:
It's true. 90% may be a gross exaggeration, but IE10 has some serious compatibility issues with a large number of websites out there. The problem I have seen with IE10 is how it handles javascript. Running the F12 Developer tools then switching the browsing mode to IE8 or IE9 usually fixes the issue.
Click to expand...
Or you could just active compability/quarks mode and not have to change it though the developer tools. That or just change your user-agent string to something like chrome. The compatibility comes from increased compliance to given standards from IE meaning the older versions of IE which flamboyantly ignored standards and thus lead to developer coding specific to IE6 or 7 etc but not updating their code later on to come into line with newer versions of IE. But i suppose no one can never appease everyone on the internet people complain about everything.
 
Red Squirrel said:
Well you still need a code path in the program that allows you to write your own code. I would hope a huge company like Microsoft would not have exploits such as SQL injection or other equivalent exploits. Even then, part of the program would need to be able to compile your code and run it.

I just don't get how these security holes get missed. FF and other browsers are quite vulnerable too these days. It's just sad that in this day and age people can't code stuff that's more bullet proof.

You can't write code and ask another program to execute it if that program does not have an avenue for it to execute it. A browser should not have such avenues. It's like trying to make a text file that will make notepad delete all your programs. That's just impossible as there is no code path in notepad (at least I hope) that would allow a simple text file to make it do something other than display it. A browser simply displays web pages, it should be that simple.
Click to expand...

Not true at all, if a program is parsing data, and the developer trusts that data in anyway, it can cause exploits to occur.

Your notepad clone makes assumptions all proper text documents have a proper EOF marker, and makes an assumption in code about that EOF marker, you now have something that might be exploited. There doesn't have to be any executable code in the path of the document for this to occur! A famous Adobe bug, was due to the size of the document being in the header, and malicious coders fuzzed this, and found they could cause the parser to make choices based on that field when it allocated memory to display the document. A little magic and boom, the size of the display buffer is zero, and the document is huge, and boom code execution occurs. (Integer Overflow)


The problem with all viewer things is they have to make assumptions about what they are viewing, and if the developer makes a mistake with the assumption, boom, you have a potential hole that can be exploited.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Ranma_Sao said:
Not true at all, if a program is parsing data, and the developer trusts that data in anyway, it can cause exploits to occur.

Your notepad clone makes assumptions all proper text documents have a proper EOF marker, and makes an assumption in code about that EOF marker, you now have something that might be exploited. There doesn't have to be any executable code in the path of the document for this to occur! A famous Adobe bug, was due to the size of the document being in the header, and malicious coders fuzzed this, and found they could cause the parser to make choices based on that field when it allocated memory to display the document. A little magic and boom, the size of the display buffer is zero, and the document is huge, and boom code execution occurs. (Integer Overflow)


The problem with all viewer things is they have to make assumptions about what they are viewing, and if the developer makes a mistake with the assumption, boom, you have a potential hole that can be exploited.

This posting is provided "AS IS" with no warranties, and confers no rights.
Click to expand...

Wow sounds like very shoddy coding then. You can NEVER trust user inputted data no matter how it's provided. I guess some companies do not understand this. Since yeah anything that can cause a buffer overflow opens up a whole new world given one can write to memory.

I have seen some web forms that trust user data as well. A common error is trusting the response of drop down/selection boxes or other "non user entered text" items. A user who knows what they're doing can easily enter anything they want in those fields. Either by manipulating the packet or their browser.
 
You must log in or register to reply here.
Back
Top