Export thread

IE and Java exploitable. Still.

Jul 6, 2013#1

strawman

http://arstechnica.com/security/2013/07/darkleech-infects-40k-apache-site-addresses/

A significant security threat emerged in Apache, which is the software that serves over half the websites in the world. Over 40,000 websites have been compromised in the past nine months.

The crackers detect the browser you're running, and whether you have java installed. If you're using IE or Java that haven't been updated in the last few months, the website redirects you automatically to the cracker's website, where malware/trojans/viruses are installed for a variety of purposes.

Thus, once again, confirming what geeks and nerds already know: IE and Java are bad news and to be avoided if possible.

Jul 6, 2013#2

Tress

I have a hard time avoiding Java, though. Is there a serviceable replacement, or do I have to go without the different websites and services that use it?

Jul 6, 2013#3

strawman

Tress said:
I have a hard time avoiding Java, though. Is there a serviceable replacement, or do I have to go without the different websites and services that use it?

Just update java every time there's an update available. The most recent version of java doesn't have the hole this particular exploit looks for.

I believe IE's latest security fix resolves the problem as well.

But new exploits will be found as time goes on - just remember to keep them up to date and you should have few issues. The real problem is so few actually keep their software up to date. Well, I guess that's secondary to the real problem of MS and Sun introducing the exploits into the software in the first place...

Jul 6, 2013#4

Ravenpoe

Maybe this is my nerd bias speaking, but I think the majority of people that use IE don't update it. The majority of people who use IE are people like my mom, who call me to ask if I've heard of Bonzi Buddy and to tell me she just downloaded five of them.

Jul 6, 2013#5

Bowielee

Ravenpoe said:
Maybe this is my nerd bias speaking, but I think the majority of people that use IE don't update it. The majority of people who use IE are people like my mom, who call me to ask if I've heard of Bonzi Buddy and to tell me she just downloaded five of them.

lol, Bonzai Buddy... that takes me back to circa 1999.

For the record, the only reason that IE and Java are as exploited as they are is because they are the most popular software, not because they're particularly exploitable.

Jul 6, 2013#6

sixpackshaker

Just how much money does Microsoft make by leaving all the exploits open?

/conspiracy theory off

Jul 6, 2013#7

Bowielee

sixpackshaker said:
Just how much money does Microsoft make by leaving all the exploits open?

/conspiracy theory off

How would they make money?

Jul 6, 2013#8

sixpackshaker

Bowielee said:
How would they make money?

Kickbacks or selling the exploits.

Jul 6, 2013#9

Bowielee

sixpackshaker said:
Kickbacks or selling the exploits.

Yeah, you're entering tinfoil hat territory there.

Jul 6, 2013#10

sixpackshaker

Bowielee said:
Yeah, you're entering tinfoil hat territory there.

That is why I signed off like I did...

Forums