# [Internet Explorer] Critical Warning

Staff Emeritus
[Internet Explorer] Critical Warning!!!!

There is a 0day IE6 remote exploit and code is already readily available on the Internet.

Background
---------------
A 0day exploit is such an advanced exploit that Microsoft hasn't created patches for it and probably won't start working on it until today. This means you'll be lucky to get a patch by next week.

A remote exploit means that no human input is required to become infected.

Affected Products:
-----------------------

Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows XP SP1

Microsoft Office 2002
Microsoft Office 2000
Microsoft Office XP
Microsoft Visio
Microsoft Project
Microsoft .NET Framework 1.1
Microsoft Access
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio .NET 2002
ATI Catalyst drivers
And More....

Solution:
-----------

Use Mozilla Firefox or use any other browser not Internet Explorer 6.

http://www.mozilla.org/

Update 1: SANS has released an UNOFFICIAL patch for this hole. You can find it here:

http://isc.sans.org/msddskillbit.php [Broken]

Be warned that you will break programs that use the particular dll that is patched. This includes MS Office, .NET framework, Visio, etc.

Use it at your own risk.


dduardo said:
Solution:
-----------
Upgrade to Mozilla Firefox or use any other browser not Internet Explorer 6.
op·por·tun·ism
noun

: the art, policy, or practice of taking advantage of opportunities or circumstances, especially with little regard for principles or ultimate consequences

Staff Emeritus
Hey, what do you want me to say? Just don't use Internet Explorer 6? I have to give people options.

JamesU
Gold Member
f-i-r-e-f-o-x i-s b-e-t-t-e-r

Little regard toward ultimate consequences, I would have to disagree with that part.

I personally do not see what is wrong with dduardo's post. I could see people being safer by not using IE for the next week or so.

Staff Emeritus
This is from an older exploit but still applies:

"CERT recommends that Explorer users consider other browsers that are not affected by the attack, such as Mozilla, Mozilla Firefox, Netscape and Opera. Mac, Linux and other non-Windows operating systems are immune from this attack. For people who continue to use the Internet Explorer, CERT and Microsoft recommend setting the browser's security settings to "high," but that can impair some browsing functions."

For those who don't know: U.S. Computer Emergency Readiness Team (US-CERT), a division of the Department of Homeland Security.

Internet Explorer is a national security risk.

Staff Emeritus
Yes, that's the exploit code. Thanks for posting it.

Staff Emeritus
The problem is most people have ActiveX enabled. It's on by default.

DaveC426913
Gold Member
dduardo said:
Hey, what do you want me to say? Just don't use Internet Explorer 6? I have to give people options.
Options. Yah. Not that you're biased or anything...

Staff Emeritus
DaveC426913 said:
Options. Yah. Not that you're biased or anything...

Go ahead and pick anything other than IE. That's fine.

DaveC426913
Gold Member
mattmns said:
He is giving the best option there is for windows users, imo.
Certainly. Let's just call a spade a spade and not pretend that dduardo's interests are wholly altruistic, or given with *our* best interests in mind. As HitSquad points out, an ostensible warning about a virus was used opportunistically to flog Firefox.

I think given that there have been new critical worms that just came out and now this IE exploit, this is definitely in the best interest of anyone using Windows and Internet Explorer. Yes dduardo may have used it to promote firefox, but firefox is one of the best alternatives to IE.

If your car had some serious problem you would probably swap it for a rental, or another car for a week or so, and I think the same can be said for web browsers. IE is having some major problems at the moment and therefore people should look to other browsers for now.

Staff Emeritus
DaveC426913 said:
Certainly. Let's just call a spade a spade and not pretend that dduardo's interests are wholly altruistic, or given with *our* best interests in mind. As HitSquad points out, an ostensible warning about a virus was used opportunistically to flog Firefox.

I am posting internet security warnings that are rated critical and could potentially harm a large group of people. I could care less if it has to do with IE or not. I'll post firefox security warnings if the exploits are critical. My intention is to inform people of security problems that could cause major loss of data or cause data to be compromised.

What do I have to gain by promoting Firefox? I'm not a mozilla developer. I'm not making money off firefox. I'm not competing against Microsoft. I just firmly believe that firefox is a better browser than IE. Is that wrong? Is it wrong for CERT to recommend that people use another browser? I'm not forcing you to switch. That's your prerogative. Don't turn this into a religious war.

Evo
Mentor
I for one applaud dduardo for bringing the potential problem to people's attention, even if he is getting $50 every time someone installs firefox.

Skyhunter
How do you turn off Active-X controls?

Staff Emeritus
If you turn off active-x you won't be able to visit microsoft's update site. In addition you could also end up crippling some of your common software apps like excel, word, etc. since they use active-x controls to run various scripts. But this depends on which features of the software you use. If you surf the web with any browser other than IE and don't use IE within other apps like outlook you should be fine. Only use IE to visit microsoft's update site. This is how I do it with windows machines I admin and they are always up and running without problems.

Moonbear
Staff Emeritus
Science Advisor
Gold Member
Evo said:
I for one applaud dduardo for bringing the potential problem to people's attention, even if he is getting $50 every time someone installs firefox.
I was going to ask if he has stock in Mozilla. :rofl: Why is everyone jumping on dduardo for recommending something that's free to download? It's not like he's selling something, he's recommending a free alternative to a browser that currently presents a security risk. If you feel committed to IE for whatever reason, just use Firefox for a week or so until there's a patch available and then go back to IE again. I can't even remember a time when I didn't have two browsers installed on my computer and am having a hard time understanding why people are so worked up about it.

I appreciate that dduardo is trying to keep people informed of security threats that are popping up right now.

Microsoft is a big company, and I am sure some people here have stock in MS. Personally I would not like someone messing with my money either.

Moonbear said:
If you feel committed to IE for whatever reason, just use Firefox for a week or so until there's a patch available
IE is not a security risk. ActiveX is. Firefox does not have ActiveX. IE lets you turn it on or off. IE is just like Firefox when you turn ActiveX off.

Moonbear
Staff Emeritus
Gold Member
IE is not a security risk. ActiveX is. Firefox does not have ActiveX. IE lets you turn it on or off. IE is just like Firefox when you turn ActiveX off.

But it sounds like IE doesn't work very well if you turn off ActiveX.

Moonbear said:
But it sounds like IE doesn't work very well if you turn off ActiveX.
If IE didn't work very well with ActiveX turned off, how would Firefox work any better?

Don't you need XP SP2 to turn ActiveX off?

edit.. Maybe not, I have seen solutions for turning it off in IE 4 and 5.
