27 replies
  • OFF TOPIC
  • |
Seriously this is worse than the normal hack from the way it is being described and the only defense is just don't use the browser.

Hackers target Internet Explorer web browsers

Get Chrome at http://www.google.com/chrome
Get FireFox at Download Firefox

It's time you did anyway - I can't believe how many people still use IE in spite of it being holier than swiss cheese.

  • Profile picture of the author Karen Blundell
    oh nasty - I normally use Firefox but there are some websites that only work properly if you use IE - guess I won't be visiting them anymore
    Signature
    ---------------
    {{ DiscussionBoard.errors[9150914].message }}
  • Profile picture of the author waterotter
    Personally, I despise IE. I only access to see if my sites are loading properly.

    JMO
    {{ DiscussionBoard.errors[9150927].message }}
  • Profile picture of the author Jacqueline Smith
    Thanks for the warning.

    I usually use Firefox but still access a few sites through IE...guess I won't be doing that anymore.
    Signature
    {{ DiscussionBoard.errors[9150928].message }}
  • Profile picture of the author Patrician
    I haven't used IE in years - but hesitate to delete it since it is part of Windows - maybe I am being superstitious.

    ... but worse is the fact some say just having it on your machine is a risk - even if you don't use it -- this was about 200 patches ago.

    As I said, this one sounds like a worse situation than ever before but they do say just don't use it rather than kill it completely.

    Stay safe peeples!
    Signature
    {{ DiscussionBoard.errors[9150964].message }}
  • Profile picture of the author DireStraits
    I recall reading the other day that Internet Explorer on certain editions of Windows (and/or Windows Server) is immune because it runs in Enhanced Protected Mode.

    This isn't the case anymore on Windows 7/8, but it can easily be turned on by going through Tools > Internet Options and clicking the Advanced tab.

    Now, whether that will mitigate this specific threat or not - and I don't actually know for sure that it does - it's worth running EPM mode anyway if at all possible because of the other protections it confers. I do, and frankly, it's not half as inhibitive as people say. Flash, Silverlight and all the usual plugins are compatible, and Lenovo's password/fingerprint tool works a treat for me too.

    The only inconvenience is having to click "Accept" every time I want to load a PDF in the browser. But that's hardly a chore and can be prevented, I believe, by adding frequently visited sites to the "Trusted" zone, or forcing PDFs to open externally by disabling the browser-embedded function.

    The other option is to ditch IE, at least temporarily. But some of us have done that in the past and found to our great astonishment that, when all's said and done, it isn't that bad. Other browsers fall short in certain ways too.
    {{ DiscussionBoard.errors[9151698].message }}
  • Profile picture of the author johnben1444
    Originally Posted by Patrician View Post

    Seriously this is worse than the normal hack from the way it is being described and the only defense is just don't use the browser.

    Hackers target Internet Explorer web browsers

    Get Chrome at http://www.google.com/chrome
    Get FireFox at Download Firefox

    It's time you did anyway - I can't believe how many people still use IE in spite of it being holier than swiss cheese.

    I would like to narrow down your list to just Firefox. Google chrome sucks big time for me, damn too slow.
    Signature
    Grow your social media account, Spotify Streams, YT Views & IG Followers & More
    Software & Mobile APP Developer
    Buy Spotify, Facebook Bot & IG M/S Method
    {{ DiscussionBoard.errors[9151714].message }}
    • Profile picture of the author Patrician
      Originally Posted by johnben1444 View Post

      I would like to narrow down your list to just Firefox. Google chrome sucks big time for me, damn too slow.
      Wow. incredible. Chrome is zippy fast compared to FF or IE - but I do have to clear my cache (delete all history, cookies and temp files) every time I get any kind of an error. That fixes almost any condition with Chrome. It is real quirky (temperamental) sometimes though - :rolleyes:
      Signature
      {{ DiscussionBoard.errors[9151928].message }}
      • Profile picture of the author Richard Van
        I must admit I left Firefox because of the constant crashing, I've been very happy with Chrome so far. I've not used IE for some time.

        What has caught my attention however was something you mentioned Patrician, about it still being a danger just being on your computer. I couldn't find that in the article but I wanted to know if anyone had deleted IE and what ramifications there were if any?

        Michael, I'd be grateful for your advice, you seen pretty up to speed on IE.
        Signature

        Wibble, bark, my old man's a mushroom etc...

        {{ DiscussionBoard.errors[9151984].message }}
        • Profile picture of the author Patrician
          Originally Posted by Richard Van View Post

          What has caught my attention however was something you mentioned Patrician, about it still being a danger just being on your computer. I couldn't find that in the article but I wanted to know if anyone had deleted IE and what ramifications there were if any?

          Michael, I'd be grateful for your advice, you seen pretty up to speed on IE.
          Hi Richard - I heard that a long time ago - not associated with this latest attack. Don't know if it is true or not - but makes me feel creepy! LOL.

          However what is quoted as so bad about this one is that the user has NO IDEA anything is wrong - so that makes it sort of like the Zombie routine where they can exploit your machine to send out malware and you don't even know - (from an unused, open port) - so more creepy crawly there.

          There are people here who know much more than I do about this - I am just a pedestrian.

          p.s. in the same vein, funny because of no real harm done - it's an OMG:

          connected-home-hackers-stop-yelling-at-babies- (freaking hacked baby cams!!!)

          http://readwrite.com/2014/04/30/conn...oCYEiVRFgSh6rb
          Signature
          {{ DiscussionBoard.errors[9153815].message }}
        • Profile picture of the author DireStraits
          Originally Posted by Richard Van View Post

          Michael, I'd be grateful for your advice, you seen pretty up to speed on IE.
          I have to say it'd be pretty disingenuous of me to let that idea slip by unchallenged. An itchy trigger finger has given me a loose and vaguely cohesive body of knowledge which doesn't lend itself well to any practical application at all. And not just with respect to IE! :p

          But I gather that Windows and Internet Explorer have always been robustly coupled to one another, sharing core files and subsystems. Over the years this dependency appears to have become more, not less, pronounced.

          So there's no way to truly uninstall the thing without disembowelling the OS, losing functionality and throwing up all kinds of errors. The best that can really be hoped for is to remove IE access points (see these steps).

          It has to be pretty far from true removal but more extensive than just setting another browser as your default and deleting shortcuts to IE.
          {{ DiscussionBoard.errors[9154403].message }}
          • Profile picture of the author Richard Van
            Thanks Michael, I have it on my computer but I don't use it and it doesn't open as default on anything I can recollect. I was just concerned just having it there would cause issues but from what you've said, I think I'll open a can of worms if I remove it.

            I think I'll stay fixed on what's happening and take it from there.

            Many thanks for getting back old boy.
            Signature

            Wibble, bark, my old man's a mushroom etc...

            {{ DiscussionBoard.errors[9154414].message }}
  • Profile picture of the author SilentBase14
    Haven't used IE in YEARs

    Cant say I miss it much. Chrome is much more optimal.
    {{ DiscussionBoard.errors[9151755].message }}
    • Profile picture of the author Yvon Boulianne
      it's Chrome > Firefox > Internet Explorer
      Signature
      Stop Struggling With Your Website and Marketing
      30$ / task, pay after done!
      {{ DiscussionBoard.errors[9151782].message }}
  • Profile picture of the author bizgrower
    Thanks for the Enhanced Protection Mode (EPM) tip. You also have to
    enable, if applicable, 64-bit processes for EPM. And, I'd suggest enabling
    SmartScreen Filter (SSF).

    According to this article, which has a lot of other related tips
    such as handling XP now..., what you really need to watch out for
    is infected sites as it's a "drive by" attack.

    http://www.komando.com/tips/250386/s...t-explorer/all

    On a Windows machine, Chrome and Firefox piggy back on Internet Explorer,
    so I don't think it's feasible to remove IE and still be able to use the internet.
    This being the case - and I'm not super tech savvy - but I don't see how using
    other browsers makes you invulnerable.

    Regardless of browsers, it's best to be care full about what sites your computer
    users visit.
    Signature

    "If you think you're the smartest person in the room, then you're probably in the wrong room."

    {{ DiscussionBoard.errors[9152139].message }}
  • Profile picture of the author SteveJohnson
    IE gets the brunt of the attention, but all 3 major browsers - IE, Chrome, Firefox - have all been hacked, and recently.

    Chrome, IE and Firefox Hacked

    And unfortunately, advice like this:

    Regardless of browsers, it's best to be care full about what sites your computer users visit.
    is next to useless. Not picking on bizgrower, but you don't have any way of knowing whether the site you're visiting is going to be a source of malware. This all started when the VFW site was hacked in order to exploit the IE vulnerability.
    Signature

    The 2nd Amendment, 1789 - The Original Homeland Security.

    Gun control means never having to say, "I missed you."

    {{ DiscussionBoard.errors[9152942].message }}
    • Profile picture of the author bizgrower
      Originally Posted by SteveJohnson View Post

      IE gets the brunt of the attention, but all 3 major browsers - IE, Chrome, Firefox - have all been hacked, and recently.

      Chrome, IE and Firefox Hacked

      And unfortunately, advice like this:



      is next to useless. Not picking on bizgrower, but you don't have any way of knowing whether the site you're visiting is going to be a source of malware. This all started when the VFW site was hacked in order to exploit the IE vulnerability.
      I mean in terms of sticking with known sites and using your anti virus protection
      to help determine safe sites until this is resolved. Be careful about clicking on ads
      and links to unknown websites. Copy and paste a questionable url into your search
      engine page - not your browser bar - and see how your antivirus treats it. Visit the
      actual page if it appears to be ok....

      There are probably sites where you can test URLS against a database of potentially
      malicious sites first.

      -----------------------

      I just remembered the Komando article said they are getting in through Adobe Flash,
      so it's wise to manually uninstall and put in a fresh install. Adobe has patched it.
      (This addresses one vulnerability only, not all.)
      Signature

      "If you think you're the smartest person in the room, then you're probably in the wrong room."

      {{ DiscussionBoard.errors[9153053].message }}
  • Profile picture of the author HeySal
    No place is really safe - my computer has just blocked 3 trackers right here on the WF. I presume that is a "new" feature here.

    I have something running on my computer that I can't get rid of right now. I go to my task manager and shut it down, but I have no clue how it got here, have run malwarebytes on it. About to go do a TDSSKiller on it. I've tried to remove one with crapcleaner that doesn't seem to want to come off. And yes, I have XP. Have to get some disks to burn a few Linux programs to try out before I pick one to change over to. My computer is protected from hell to highwater though and I'm picking up crap I never had a problem with before. I can't believe the gunk that's being cleaned off every time I do scans.
    Signature

    Sal
    When the Roads and Paths end, learn to guide yourself through the wilderness
    Beyond the Path

    {{ DiscussionBoard.errors[9152982].message }}
  • Profile picture of the author Floyd Fisher
    A couple of weeks ago, the heart bleed virus came out, and I was sermonized on the evils of 'open source' software (Chrome and Firefox are open source btw).

    This week, an exploit for MSIE is found, and I am now being sermonized about the evils of using that browser.

    So which is the real evil? Or should I just switch to safari for a while until a fix comes out?
    {{ DiscussionBoard.errors[9154511].message }}
  • {{ DiscussionBoard.errors[9154770].message }}
    • Profile picture of the author DireStraits
      Just a heads-up to say a fix appeared in Windows Update this morning, dated yesterday.

      Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB2964358)


      Equivalents should be available for other OS and browser versions. Apparently they concern this security bulletin, which addresses the exploit discussed in this thread.
      {{ DiscussionBoard.errors[9156795].message }}
      • Profile picture of the author Floyd Fisher
        Originally Posted by DireStraits View Post

        Just a heads-up to say a fix appeared in Windows Update this morning, dated yesterday.



        Equivalents should be available for other OS and browser versions. Apparently they concern this security bulletin, which addresses the exploit discussed in this thread.
        Yep....just put mine in....crisis now over.
        {{ DiscussionBoard.errors[9156894].message }}
        • Profile picture of the author tagiscom
          Originally Posted by Richard Van View Post

          I must admit I left Firefox because of the constant crashing, I've been very happy with Chrome so far. I've not used IE for some time.

          What has caught my attention however was something you mentioned Patrician, about it still being a danger just being on your computer. I couldn't find that in the article but I wanted to know if anyone had deleted IE and what ramifications there were if any?

          Michael, I'd be grateful for your advice, you seen pretty up to speed on IE.
          Yep, l use FF all the time, and it is a major pain to have it constantly crash, and l only access IE, is FF acts up or for checking the compatibility of software, etc.

          But l did do some thorough research as l got increasingly sick of having it crash every time it updated to the latest version.


          Initially l stopped it from updating, which didn't work, it still updates, somehow?

          But l realize now, that the Flash player extension is what is causing FF to crash when it updates, (Flash hates an updated FF version).

          So either use or install flash to IE only, which is a pain, video wise, or every-time FF updates, pull and reinstall Flash again, that should stop it from crashing!

          But FF did update recently and no crashes, so maybe someone fixed it?

          But the Adobe Flash player extension for the FF browser is the main culprit!

          Originally Posted by HeySal View Post

          No place is really safe - my computer has just blocked 3 trackers right here on the WF. I presume that is a "new" feature here.

          I have something running on my computer that I can't get rid of right now. I go to my task manager and shut it down, but I have no clue how it got here, have run malwarebytes on it. About to go do a TDSSKiller on it. I've tried to remove one with crapcleaner that doesn't seem to want to come off. And yes, I have XP. Have to get some disks to burn a few Linux programs to try out before I pick one to change over to. My computer is protected from hell to highwater though and I'm picking up crap I never had a problem with before. I can't believe the gunk that's being cleaned off every time I do scans.
          Sal try turning off, System Restore, or deleting all your restore points; XP, (which l have) has an issue where Trojans hide in system restore memory.

          I had a pesky Trojan, that was manageable, then after almost a year or throwing everything l could at it, l finally got rid of it!


          Shane
          {{ DiscussionBoard.errors[9156921].message }}
      • Profile picture of the author Patrician
        Originally Posted by DireStraits View Post

        Just a heads-up to say a fix appeared in Windows Update this morning, dated yesterday.



        Equivalents should be available for other OS and browser versions. Apparently they concern this security bulletin, which addresses the exploit discussed in this thread.
        Wow - thanks - well I just learned something about 'automatic updates' - and this is so ludicrous - I just assumed since I am set up for automatic updates I didn't need to worry - well when I clicked 'Windows Update' a dialogue box came up saying it was WAITING to install the security patch and I had to restart my machine. WHO KNEW?

        (I am one who leaves main PC always on but shut down just once a week to cool it off) - however I do also restart every so often (AND just did it last night) - so they took their good old time getting this out to the public).

        So it ran the security update - Thank you - But then something else I took for granted was that FF and Chrome update automatically - and it was not true for FF-

        When I did 'About FireFox' it had an update waiting too! (my Norton has been showing me I am being hammered by something the last few days that they are blocking and I just noticed it is coming from FireFox) - So anyway ran that.

        Man, 'automatic updates' is like 'autopilot' - IT ISN'T! :rolleyes:
        Signature
        {{ DiscussionBoard.errors[9157632].message }}
        • Profile picture of the author tagiscom
          Originally Posted by Patrician View Post

          Wow - thanks - well I just learned something about 'automatic updates' - and this is so ludicrous - I just assumed since I am set up for automatic updates I didn't need to worry - well when I clicked 'Windows Update' a dialogue box came up saying it was WAITING to install the security patch and I had to restart my machine. WHO KNEW?

          (I am one who leaves main PC always on but shut down just once a week to cool it off) - however I do also restart every so often (AND just did it last night - so they took their good old time getting this out to the public).

          So it ran the security update - Thank you - But then something else I took for granted was that FF and Chrome update automatically - and it was not true for FF-

          When I did 'About FireFox' it had an update waiting too! (my Norton has been showing me I am being hammered by something the last few days that they are blocking and I just noticed it is coming from FireFox) - So anyway ran that.

          Man, 'automatic updates' is like 'autopilot' - IT ISN'T! :rolleyes:
          Yep, if FF crashes or the Norton toolbar disappears, just update and restart as many times as it takes until it stops updating.

          You will usually get a patch that fixes one or both!


          Shane
          {{ DiscussionBoard.errors[9157680].message }}
          • Profile picture of the author Karen Blundell
            installed the Windows update for the IE fix and also updated Adobe Flash plugin and Active X Control -

            Like everything else - it's best to do the updates when they come in - in my opinion -

            I still refuse to make IE my default browser - and on the rare occasions when I do use it- all my add-ons are shut off (especially Windows Messaging, etc) all the usually points of entry - closed -

            any browser can be hacked though - it doesn't really matter - what does matter is that you take the proper precautions and protect your sensitive data - and be careful what sites you visit - run frequent scans - I do mine often - and keep everything up to date (virus definitions, etc)

            @HeySal - try this software to identify what it is that you have on your computer that is unknown:
            Security Task Manager (30 day trial - after trial $29)
            Security Task Manager - Windows 8, 7, XP process viewer
            (no affiliation)
            Signature
            ---------------
            {{ DiscussionBoard.errors[9157719].message }}
  • Profile picture of the author ErinWalsh
    I haven't used IE in years, but it doesn't surprise me that hackers targeted IE. Most businesses use IE internally and IT departments don't want to let their user install other browsers. Thus you get whole networks exposed to the hack.
    Signature

    Boost Software teamed up with Neverblue. They helped produce this new affiliate video.

    {{ DiscussionBoard.errors[9156931].message }}
  • Profile picture of the author bizgrower
    They also did the browser patch for XP. Yea!
    Signature

    "If you think you're the smartest person in the room, then you're probably in the wrong room."

    {{ DiscussionBoard.errors[9158559].message }}

Trending Topics