View Full Forums : New worm targets IE
Seriena
09-19-2003, 05:56 AM
<blockquote><strong><em>Quote:</em></strong><hr>California (Reuters) -- Anti-virus companies warned on Thursday of a new computer worm circulating through e-mail that purports to be security software from Microsoft Corp. but actually tries to disable security programs that are already running.
The worm, dubbed "Swen" or "Gibe," takes advantage of a two-year-old hole in Internet Explorer and affects systems that have not installed a patch for that security hole, according to Internet security company Network Associates Inc.. [/quote]
www.cnn.com/2003/TECH/int...index.html (http://www.cnn.com/2003/TECH/internet/09/19/worm.swen.reut/index.html)
We just got a big long email from our university about this worm too. Might be worth it to check out windows update and run the patches.
Cloudien
09-19-2003, 06:04 AM
Get a secure browser, people :)
www.mozilla.org (http://www.mozilla.org)
Or at least set up auto updates (broadband) / remember to carry out manual updates (dial-up)
Seriena
09-19-2003, 06:20 AM
mozilla is what I use too. Love it.
Tiane
09-19-2003, 10:47 PM
Just tried out mozilla (again!) to see how it's coming.
I dunno... seems the same. It still feels like Netscape 4. It still doesnt work quite right when I use it on my secondary monitor. It's no faster. It takes up the same amount of memory as IE. Google taskbar does my popup blocking in IE and has other features I use all the time. It doesnt do the hold-down-the-middle-button and drag/scroll thing that I love to do.
The only things it *does* do which I WISH IE would do are:
- Pressing ctrl-N opens up a BLANK WINDOW! I dont understand ie's reasoning behind opening up and re-downloading the same damn thing I was just looking at.
- Clicking a link with the middle button opens the link in a new window. I *love* that... make IE do it 8(
Other than that, I'll wait for Mozilla's next version and just keep runing windows update now and then.
Tia
Another thing i miss from netscape is it doesnt forget forms as much as IE if you go back.
Tils
Cloudien
09-20-2003, 01:32 AM
Moz has come a long way since Netscape 4..
Try hitting ctrl-t ... and enjoy nice, organised tabbed browsing :)
Script control = no more fake status bar messages
The fact that it's open source means bugs and security flaws get fixed fast (millions of eyeballs on one bug)
Never going to get bitten by all these IE exploits swarming around...
Conforms to standards - it's been a long time since I last found a site that doesn't work properly. Though taking IE as a "standard" as some authors do = bad
You also tend to notice that whilst web technologies are ready to move to the next level, MS have no intention of upgrading IE until the next version of Windows (Longhorn) which is due in about 2007 last I heard.
Still, no piece of software is going to be to everyone's tastes :)
Tudamorf
09-20-2003, 02:03 AM
<blockquote>Tiane says:<hr>- Clicking a link with the middle button opens the link in a new window. I *love* that... make IE do it 8([/quote]Shift + left click.
<blockquote>Cloudien says:<hr>Get a secure browser, people[/quote]IE isn't targeted because it's not secure. It's targeted because just about every person uses it. Just about every person uses it because it's the best, especially at correctly displaying every type of page, and it's fast.
Besides, aren't we talking about an e-mail virus here? If you're stupid enough to click on an executable attachment in an e-mail, you really ought to have your Internet license revoked.
Tiane
09-20-2003, 04:27 AM
Gah all this time and it was just a shift away!
Hooray for mouse thumb button now being shift! :cool: (was control before, handy for multiple file selecting, but this is better.)
Tia
Cloudien
09-20-2003, 04:53 AM
LOL I agree, it doesn't make sense that people still go clicking on email attachments.
I'm mainly talking about the fact that Microsoft are well known for failing to patch known vulnerabilities (http://www.pivx.com/larholm/unpatched/) and that there's nothing anyone can do about it because only Microsoft can create the patches.
Contrast this with open source, where such a list will be posted to Bugzilla and patched within the hour.
With so many people working on the same project, you can also expect the code to be of a better standard. Prevention is better than cure - if MS didn't favour minor conveniences over gaping security holes so much less of these would happen.
Of course popularity is a major factor, but I'd wager that if both browsers were just as popular, there would be far more patched and unpatched vulnerabilities at one time for IE.
Naturally, an IE user who is responsible enough to apply all the necessary patches, addons, setting tweaks etc is going to be far better off. However it shouldn't really be the user's responsibility to secure a product they've indirectly (through buying Windows) paid for IMHO.
Klath
09-20-2003, 07:52 AM
<blockquote><strong><em>Quote:</em></strong><hr>Naturally, an IE user who is responsible enough to apply all the necessary patches, addons, setting tweaks etc is going to be far better off. However it shouldn't really be the user's responsibility to secure a product they've indirectly (through buying Windows) paid for IMHO.[/quote]
WRT patches, it doesn't take much effort to go to <a href="http://windowsupdate.microsoft.com" target="top">windowsupdate.microsoft.com</a> every once in a while and download/install the security updates. You can even configure the updater to notify you when there are new updates so that you can get them as soon as they're released.
Tudamorf
09-20-2003, 12:04 PM
<blockquote>Klath says:<hr>You can even configure the updater to notify you when there are new updates so that you can get them as soon as they're released.[/quote]Exactly, you can even have it install the patches automatically on a schedule so even someone who doesn't have a clue can always have a computer with the latest patches. Compare that to finding and applying a Linux patch! Microsoft is actually pretty good about releasing patches; the users are the ones who are too lazy to keep their product updated by clicking a few buttons.
<blockquote>Cloudien says:<hr>it shouldn't really be the user's responsibility to secure a product they've indirectly (through buying Windows) paid for IMHO[/quote]It isn't. Microsoft is giving you the patches for free, all you have to do is agree to have them installed (to prevent spyware allegations).
Seriena
09-20-2003, 02:07 PM
The one biggest reason I use Mozilla is because of the tabs. I like that I don't have to have 50 seperate windows up to browse diff sites, instead they are nice and neatly organized by tabs at the top of my browser. Can IE do that? I never saw an option for that but I could have overlooked it.
Cloudien
09-21-2003, 03:09 AM
<blockquote><strong><em>Quote:</em></strong><hr>Compare that to finding and applying a Linux patch![/quote]
Never once did I mention Linux?
This is not a "my OS is better than your OS" debate and never meant to be...
It's a "my browser is better than your browser" debate ;)
For the record, applying patches with MandrakeUpdate or the Red Hat update prog is no more difficult than it is in Windows.
<blockquote><strong><em>Quote:</em></strong><hr>the users are the ones who are too lazy to keep their product updated by clicking a few buttons.[/quote]
Agreed, to a certain extent. I have broadband - patches download and install themselves every night at 3am, I'm basically non the wiser.
However, consider 56K dial-up users in these often-huge security patches and think again why they are "lazy" at downloading them.
The point is (or is now), if it was written with more care then surely there would be less patches for the user to download.
But I'm not going to sit here trying to convert an MS Zealot(TM), it's as much of a waste of time as trying to re-convert a Linux / OSS GNU/Zealot like myself ;)
vBulletin v3.0.0, Copyright ©2000-2010, Jelsoft Enterprises Ltd.