Welcome to WebmasterWorld Guest from 34.204.169.76

Forum Moderators: open

Message Too Old, No Replies

More IE security flaws

     
3:17 pm on Jan 26, 2010 (gmt 0)

Moderator from US 

WebmasterWorld Administrator travelin_cat is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 28, 2004
posts:3291
votes: 18


A new set of security flaws have been identified in Internet Explorer.

From the Telegraph:

Boston-based Core Security Technologies discovered the vulnerabilities on Friday January 22, only a day after the technology giant had released an unscheduled security patch to protect users of the most popular browser in the world from the flaws used by the hackers who pried into the email accounts of human rights activists in China.

Full story here. [telegraph.co.uk]

5:18 pm on Jan 26, 2010 (gmt 0)

Senior Member

joined:Jan 30, 2006
posts:1696
votes: 15


so they found ANOTHER hole in IE6?

This is like saying we found another flaw in windows 98.

5:44 pm on Jan 26, 2010 (gmt 0)

Full Member

10+ Year Member

joined:May 31, 2008
posts:265
votes: 1


Not if you realize that loads of users still run IE6 and it seems that IE7 is affected too. They mention upgrading to IE8.
6:19 pm on Jan 26, 2010 (gmt 0)

Senior Member

joined:Jan 30, 2006
posts:1696
votes: 15


how did they get around the FORCE update to IE7?
2:27 am on Jan 27, 2010 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15150
votes: 170


IT departments can block the forced upgrade to IE7. It's not too difficult. If the company needs IE6 to run an in-house package then many times they have no other choice.
2:32 am on Jan 27, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 24, 2003
posts:729
votes: 0


IT departments can block the forced upgrade to IE7. It's not too difficult. If the company needs IE6 to run an in-house package then many times they have no other choice.

Us web developers also need a sacrificial machine with IE6 on it also to do testing of our websites to make sure they still work right for the laggards out there who haven't updated.

Maybe some more bad IE6 news will help get folks to update. I'd love to end support for that PoS.

2:51 am on Jan 27, 2010 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:15150
votes: 170


The preferred method these days is to run IE6 in a virtual machine so that you don't have to sacrifice the security of your users' desktops.
2:58 am on Jan 27, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Nov 24, 2003
posts:729
votes: 0


I just keep old heaps around that can be left off and unplugged except when testing is needed. I have one ancient Win95 box with IE5.5 on it that hasn't been started in a couple of years but could be plugged in should the need arise and one box that is about to be retired to the same fate that runs XP with IE6 on it. They'll just sit in storage for a call to action should it be required for some bizarre reason.
9:28 am on Jan 27, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 23, 2003
posts:915
votes: 0


how did they get around the FORCE update to IE7?

Err... there is no forced update from IE6.

Windows Update / Automatic Updates will offer you IE7 and/or IE8, but you're still at liberty to decline (thank goodness...)

I still have good reasons to stick with IE6 on some machines