Microsoft releases emergency fix for IE7
Microsoft is planning to release an out-of-band patch for Internet Explorer on Wednesday to address a critical security vulnerability that is being actively exploited.The company on Saturday warned that 1 in 500 Internet Explorer users worldwide may have been exposed to malware hosted at both legitimate Web sites and porn sites that exploit an unpatched vulnerability. Microsoft confirmed finding exploit code on a search engine in Taiwan and on a Web site in Hong Kong that serves adult entertainment content.”Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability,” Microsoft Security Response Center researchers Ziv Mador and Tareq Saade said in a blog post. “That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: We saw an increase of over 50% in the number of reports today compared to yesterday.”
Microsoft’s estimate works out to as many as 1.4 million potential victims, assuming there are a billion active Internet users (estimates range from 800 million to 1.5 billion), about 70% of whom are using Internet Explorer. The number of potential victims would drop to 940,000 if only Internet Explorer 7 users (47% browser market share) were affected. And those numbers represent only potential victims: Not all those exposed would be necessarily become infected. Since last Tuesday, Microsoft has updated its advisory four times. It expanded the list of potentially affected versions of Internet Explorer to include not only IE 7, but also IE 5.01 SP4, IE 6, IE 6 SP1, and IE 8 Beta 2. It also added several workaround options that involve disabling certain features.
Source: InternetWeek
Comments(36)
Who doesn’t use FireFox?
People still use IE?
I don’t usually reply to trolls, but you’re failed attempt made me reconsider. Based on the fact that I can read, I’d say about 70% of Internet user.
But then, English is not my forte
bah i havent used internet exp in years so im not scared lol.
@1
Why would you use Firefox? It’s extremely insecure!
http://www.dailytech.com/Firefox+Most+Risky+App+to+Businesses+in+New+Study/article13669.htm
Much better idea to use Google Chrome. It puts each tab in it’s own sandbox.
OK…so for a couple of ears Ive been using Firefox but since the last couple of months I had a lot of problems with it…memory leaks, crashes etc. So much so that I have been considering switching back to IE until FF becomes more stable. Im fully protected (as fully as possible anyway) and have scanned with virus & malware s/w. Anyone else been having problems with FF recently?
aahh,i hate IE
FF 4ever 
How many patches can be applied to one software application? I just picture this little ‘e’ that is covered in 10′ of bandages. What a pathetic piece of crap.
I use Firefox and Chrome.. But It seems Microsoft at least puts effort into their security.. I mean they found this on a Taiwan search engine… I don’t see FF looking up in different languages for exploits..
Firefox with Adblock, NoScript, and Web Of Trust that’s all I need. As for IE, the only reason I keep it is because there are a couple of maverick websites that only work properly on IE.
roughly 0.2% of users worldwide <—- thats not alot
“How many patches can be applied to one software application?”
Ask Mozilla. More bugs have been found in Firefox than IE6 and 7 added together.
Remember that gigantic security flaw in Adobe Reader? Firefox won’t protect you from that. Lots of websites still serve viral pdfs in an iframe.
Firefox releases patches too – 3.0.5 -> each one is a security related patch. Interface patches are reserved for the 3.1 increment.
can someone please say firefox, or any other browser for that matter, ftw
Lately (a few days) both my IE and FF browsers have been infested with tons of Malware garbage!! I have no idea what it is or how it happened but I cannot seem to rid my computer of it. Every time I try to visit sites (all trusted) I end up with nothing but popups and my Avast Pro going nuts with warnings!
It’s so bad I don’t even go on that computer anymore and use my laptop until it can be fixed!
@10 I agree with you. Some web sites work only in ie. that’s why I keep it too. I’m using firefox for 3 years. and its faster than ie7. most adwares are written for ie and I think ie is insecure.
@jr:
Mosaic FTW !!1!
Satisfied ?
Well it doesn’t shock me that alot of people still use IE. It comes with Window’s and the baby boomers done’t know any better. Gen x and Y are the primary users of FF. I aways laugh when all these old folks computers are ravaged with spyware and malware. That’s what you get for using EI.
FF FTW!
@15 I got a nasty piece of malware from clicking on the English subs link for the Day the Earth Stood Still posted by staff here on rlslog. I was not happy, but I finally got rid of it.
It is the usual pissing contest on the best browser. They both have flaws. Some people like me, an old baby boomer, prefer FF and know how to customize it. I have ad block, no script and a few other indispensable plugins. I know a few lazy Gen X and Y’s that are too lazy get FF and learn how to customize it. If you are getting infected with trojans and spyware then you have an issue with your AV and not necessarily the browser. There are more than enough morons who click through everything on the screen and that is where a good AV will help.
How is it that 46% of 800 millions (800,000,000) is 940,000?
Pff…Firefox rules, period!
What is the exploit and what does it do? I Make Pc repair housecalls and saw a vicious lsass.exe Application Error on Sunday. Possible sasser virus. It effects the Logon Script.
Really No One Today Uses IE At All
It Is Fire Fox’s Era
To Download Fire Fox Version 4.02.1 Beta : Rapidshare Link No Password
http://rapidshare.com/files/174096995/Firefox_20Setup_203.0.5.exe
P.S. Linux + FF + AdBlock Plus =
I use both only because I do web dev and need both to make sure sites work correctly in both.
I must say I prefer IE FF does alot of stuff but it takes for ever to load and I am already on the website by the time ff is opened plugin weigh it down to much they do not optimise its start up time and this makes me use IE which does what I need it to do.
If you have malware then format your computer, unless you know a lot about computers and can figure it out, its probably a dll that making it do all them nice things.
Linus = crap stop bashing on about them they are only good for servers.
Linus + headache + time consuming + hacking + mail server+ hacking+ exploit+ script kiddies + shell scripts + more headache + drivers+ headache = major headache.
I use IE on occasion when it’s all the website will work with I also use FF a lot now and have even starting using opera depending on how complex the site is as for chrome I hope google keeps updating and fixing it to give us a great app of all the browsers I would say Chrome has the best potential considering who is developing it
Konqueror/ Firefox keep me safe. What I don’t understand is why after so many catastrophic IE exploits people still use it. Guess everyone gets what they deserve for being foolish.
There’s always a major security flaw for IE. It’s like every once in a while this happens.
> I don’t see FF looking up in different languages for exploits..
Right, that is because if anyone discovers an exploit for Firefox it gets a filed as a bug very quickly since anyone can file a bug. It then gets fixed very quickly, since anyone can fix a bug. If a Firefox exploit ever gets popular enough for search engines to be indexing it, that means Mozilla.org would have failed badly. Microsoft has failed here. It’s hard to guess the reasons why, but they are out of touch. A million+ estimated infections says it all.
Firefox isn’t innately more secure than IE, but it has way more smart people looking for security problems in it than Microsoft can ever hire simply because it is so popular and open source.
No Opera users??
FF=garbage
IE=Even worse
Virgin Media to dump neutrality and target BitTorrent users
http://www.theregister.co.uk/2008/12/16/virgin_bittorrent/
@Moviefan
Exactly what I was going to say.Just try out opera people,let it grow on you and you’ll love every bit of it.Though some people do get kinda used to ff’s addon..
FireFox is terrible why would you want to wait 30 seconds for simple images to load, and I have 8m cable internet. Out of all the ones I have tried, Firefox is the slowest. I prefer older IE cause it’s simple and it’s layout isn’t wack like it’s trying to be Facebook (which is unorganized).
firefox is 1.5x faster then IE
much better layout and most importent STABLE!
i have IE because its not stable with a lot tabs open
IE sux DONKY AZZ