Welcome to WebmasterWorld Guest from 54.234.244.30

Forum Moderators: bill

Message Too Old, No Replies

Security Group Issues Emergency IE Patch

     
11:09 am on Sep 25, 2006 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22318
votes: 240


Following on from New Internet Explorer Vulnerability Posted on Web [webmasterworld.com]

A group of security professionals has created a third-party fix for a recently discovered Internet Explorer flaw that's increasingly being used in cyber attacks.

The group, which calls itself the Zeroday Emergency Response Team, or Zert, created the patch so IE users can protect themselves while Microsoft works on an official fix.

Security Group Issues Emergency IE Patch [software.silicon.com]

Would you install a third party patch? I'm not sure I would.

11:38 am on Sept 25, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 27, 2002
posts:1187
votes: 0


No. It scares me enough to install the "Offical" patches.
11:53 am on Sept 25, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member billys is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 1, 2004
posts:3181
votes: 0


I'll wait for an official patch. It might be costly later on in terms of conflicts.
12:00 pm on Sept 25, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 30, 2004
posts:1148
votes: 0


Whats more shocking is the fact that a patch comes from a 3rd party faster than Microsoft. pffft.
1:17 pm on Sept 25, 2006 (gmt 0)

Full Member

10+ Year Member

joined:July 8, 2005
posts:348
votes: 0


Which version of IE is it for?
1:18 pm on Sept 25, 2006 (gmt 0)

Full Member

10+ Year Member

joined:July 8, 2005
posts:348
votes: 0


Nevermind

"IE versions 5.01 and 6 on all current versions of Windows are affected."

4:05 pm on Sept 25, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 15, 2003
posts:2606
votes: 0


This is what happens with scheduled updates.

Microsoft has patch Tuesday.

Unscrupulous coders have exploit Wednesday knowing how long they have until the patch comes out.

I guess it is nice that someone is being preemtive about this. However I do have some reservations about installing a third party patch.

I try to only use my IE to test my own sites so I don't need to patch it right away as I trust my sites.

6:38 pm on Sept 25, 2006 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 11, 2004
posts:582
votes: 0


This is an amazing ironic jab at MS, doing their job for them.
1:22 am on Sept 27, 2006 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14487
votes: 49


The MS patch is now ready for download.
7:49 pm on Sept 27, 2006 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 13, 2004
posts:121
votes: 0


Unscrupulous coders have exploit Wednesday knowing how long they have until the patch comes out.

Disagree for two reasons:

1. An optimal time would be sometime before patch Tuesday giving MS insufficient time to test and release on Tuesday

2. MS can always issue a special if its serious enough.

Just a question if anyone knows, did IE7 Beta have the same problem? A success for MS if not so.

Edit: added 'not' to last line above.

[edited by: Tidal2 at 7:54 pm (utc) on Sep. 27, 2006]

12:16 pm on Sept 30, 2006 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


Unscrupulous coders have exploit Wednesday knowing how long they have until the patch comes out.

It only becomes a real threat when the patch is released and admins delay installing it. There are an infinate number of *theoretical expoloits* awaiting patches. Zero day exploits are a problem though, but still best to wait for the vendor.

>Zeroday Emergency Response Team
I wouldnt install antyhing from anyone calling themselves that :)

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members