Microsoft: IE Zero Day Flaw Affects All Versions (CVE-2013-3893)

KIA

KIA

KIA

Man of Honour
Joined
14 Nov 2004
Posts
13,846
Microsoft said today that attackers are exploiting a previously unknown, unpatched vulnerability in all supported versions of its Internet Explorer Web browser. The company said it is working on an official patch to plug the security hole, but in the meantime it has released a stopgap fix to help protect affected customers.

IEwarningMicrosoft said it is aware of targeted attacks that attempt to exploit the vulnerability (CVE-2013-3893) in IE 8 and IE 9 versions of the default Windows browser. According to an advisory issued today, the flaw is a remote code bug, which means malware or miscreants could use it install malware just by coaxing IE users to browse a hacked or malicious Web site.

The Fix It solution is available from this link. To apply it, click the Fix It icon above the Fix This Problem link. Applying this solution may limit some functionalities of IE, so if you run into problems after applying this interim patch, you can click the Fix It icon to the right of that “enable” button to reverse the update.
Click to expand...

http://krebsonsecurity.com/2013/09/microsoft-ie-zero-day-flaw-affects-all-versions/
http://technet.microsoft.com/en-us/security/advisory/2887505

Apply the fix or use a different browser.
 
The most annoying thing about Microsoft? The constant updates! Lol. I don't use them anyway.
 
From pretty much all reports IE has had less vulnerabilities over the last couple of years than either FF or Chrome :/

secunia said:
Google's Chrome web browser topped the list with 291 vulnerabilities in 2012, followed by Mozilla's Firefox browser with 257, Apple's iTunes with 243, Adobe's Flash Player with 67, and Oracle's Java with 66. Secunia says the study shows that Microsoft is doing a better job in making sure its own programs are more secure from exploits.
Click to expand...
 
ShakenNstirred said:
tired of seeing things like this, its made to seem like if you use this browser YOU WILL GET ATTACKED, which is not true, the word is COULD not WILL
Click to expand...

Ignorance is bliss, I guess. I would prefer a friendly heads-up.

Macro said:
From pretty much all reports IE has had less vulnerabilities over the last couple of years than either FF or Chrome :/
Click to expand...

Those are reported vulnerabilities, not actively exploited 0days.

Microsoft launched its bug reward program in June. The others have had active programs for many years.

http://www.microsoft.com/security/msrc/report/bountyprograms.aspx
 
Macro said:
From pretty much all reports IE has had less vulnerabilities over the last couple of years than either FF or Chrome :/
Click to expand...

strange that you only see the ones about IE on here lol that's why im tired of seeing them, its all one sided.
people just love to post them but never seem to post the same about chrome n FF.
its nothing to do with "Ignorance is bliss"
in all my years of using IE I have never had one of the vulnerabilities affect me so im not worried one bit .
I have tried chrome and couldn't get on with being told I have to do things the google way when I wanted it my way and just never liked FF.

IE does everything I want and how I like it and never seems slow compared to the others so im happy with it.
 
ShakenNstirred said:
strange that you only see the ones about IE on here lol that's why im tired of seeing them, its all one sided.
people just love to post them but never seem to post the same about chrome n FF.
Click to expand...

Please show us the actively exploited 0days in Chrome & FF.

We warn people about 0days in Java & IE for a very good reason.
 
You must log in or register to reply here.
Back
Top Bottom