Internet Explorer 10 in Windows 8 vulnerable to flash exploit

vbimport

#1

I just posted the article Internet Explorer 10 in Windows 8 vulnerable to flash exploit.

[quote][/quote]

Click to read the full article here: [http://www.myce.com/news/internet-explorer-10-in-windows-8-vulnerable-to-flash-exploit-63638/](http://www.myce.com/news/internet-explorer-10-in-windows-8-vulnerable-to-flash-exploit-63638/)

Feel free to add your comments below. 

Please note that the reactions from the complete site will be synched below.

#2

Use Firefox or Chrome if you are running this. Does anyone know if this is the desktop and the “metro” version or both?


#3

I wouldn’t expect Microsoft to worry about fixing pre-release issues, but I’m sure they’ve already got a stack of WinUpdates to perform. This is why I’ve sort of scoffed at the “pirates open validation servers” articles because, if I was MS, I’d have done that myself - let tons of other locations help me do test-marketing on the product and then sweep in on Day 1 or 2 of Official Release with the fixes AND the kill-jobs on those validation IDs.


#4

[QUOTE=ChristineBCW;2653864]I wouldn’t expect Microsoft to worry about fixing pre-release issues, but I’m sure they’ve already got a stack of WinUpdates to perform. This is why I’ve sort of scoffed at the “pirates open validation servers” articles because, if I was MS, I’d have done that myself - let tons of other locations help me do test-marketing on the product and then sweep in on Day 1 or 2 of Official Release with the fixes AND the kill-jobs on those validation IDs.[/QUOTE]

Those kill job updates for invalid ID’s might be optional updates, much like they are in Windows 7 and even then, you just get a nag message and black desktop if found to be invalid. MS once said “we don’t support piracy, but if you’re going to pirate an OS, then pirate ours”.


#5

[QUOTE=blegs38552;2653861]Use Firefox or Chrome if you are running this. Does anyone know if this is the desktop and the “metro” version or both?[/QUOTE]
That’s a good question. I believe both versions are vulnerable until MS gets around to patching it.


#6

well hopefully they patch the java too here is an example of the java exploit in windows 8 http://youtu.be/qixpEToz2LU
or you can just do a youtube search for "testing of windows 8"
the recent IE exploit is here
http://www.youtube.com/watch?v=2UlN9W6NGqY
on a side note windows has the biggest share of the market so it will be the biggest target their is exploits for linux apple as well


#7

The fix from Microsoft was posted through Windows Update yesterday.


#8

[QUOTE=Gummigutta;2655883]The fix from Microsoft was posted through Windows Update yesterday.[/QUOTE]

Yeah Microsoft relented on that one due to the potential adverse publicity.

It wasn’t originally going to be worked on so soon.

[B]Wombler[/B]


#9

I am shaking my head at MS, truly. Of course, I’m wondering if someone at MS didn’t lose theirs! “We can’t even get it out the door before our so-called great new security features are shot?!!”

Oh, the joys of the French Revolution…


#10

I just read an interesting bit about IE10 in Windows 8. The version of IE10 in the [I]“New Windows UI”[/I] will only work with flash on sites that are white listed by Microsoft.

The other version, on the desktop, will be able to run flash as always.
http://msdn.microsoft.com/en-us/library/ie/jj193557(v=vs.85).aspx

Has anyone ever seen a more schizo operating system than this?


#11

Personally, I don’t us IE much these days, anyway. Sorry, IE, but I love Firefox.

PS: What is Internet Explorer, if not the (illegal) death of Netscape, mixed with evolution and bad decisions?