Open Source Firm Releases Patch for IE Bug [UPDATED] 544
An anonymous reader writes "An open source and freeware software development web site has released a patch to fix the URL spoofing vulnerability in Internet Explorer, which can be exploited by scammers who try to trick people into revealing details of online banking accounts or other private information." Naturally, the source for the patch is available as well. Update: 12/19 15:06 GMT by M : Sadly, the patch appears to contain a buffer overflow and some possibly-malicious code - see an analysis and news story, and this comment which suggests the patch author is trying to figure out who is taking advantage of the original vulnerability. Caveat patcher.
No Trusted Computing logo on patch? (Score:5, Funny)
Re:Acceptance? (Score:5, Funny)
To quote the wise sages of the Quake 3 voiceover...
HUMILIATION!
New MS Security Fix (Score:5, Funny)
What the "patch" really does.... (Score:5, Funny)
No thanks (Score:5, Funny)
OMG!!! (Score:5, Funny)
Someone start knitting a sweater for Satan...
did anyone else feel it... (Score:4, Funny)
The patch was released a while back!!! (Score:2, Funny)
How does this affect IE, the MS EULA, and all the other wonderful legal stuff that could be dragged out simply because you modified software that wasn't meant to be modified outside the confines of One Microsoft Way?
Patch on, I guess...if you must. I sleep much more soundly with my RH9 and Firebird.
Re:... huh? (Score:5, Funny)
Crikey, mate. (Score:3, Funny)
That's not a link! This is a link:
http://www.openwares.org/downloads/IEpatch.EXE [openwares.org]
P.S. I haven't actually tried the executable out, I just added the clickable goodness. I also couldn't pass up the chance to make a Crocodile Dundee joke.
In other news... (Score:5, Funny)
In other news...
Today Micro$oft contributed code to the Linux kernel, and announced plans to help iron out differences between Mozilla and MSIE :-)
Poor Microsoft... (Not really, but...) (Score:2, Funny)
Microsoft's biggest software threat gets a huge update, one of their own products gets a patch by a third party, Real Networks sues them for monopolistic activities, and Lord of the Rings - Return of the King (a movie made with cheap Linux boxes) is realeased. All this in a 48 hour period!
Man, it's been a rough couple of days.
Sm:)e.
Re:Seriously. (Score:2, Funny)
(t'was easy, sorry)
Re: isnt reverse engineering against the EULA? (Score:3, Funny)
Free IE patch and fix. (Score:5, Funny)
Re:did anyone else feel it... (Score:5, Funny)
Yes, of course! The subpoena will mention them by name.
Re:And this matters why? (Score:5, Funny)
Re:No Trusted Computing logo on patch? (Score:5, Funny)
How about this one .... (Score:4, Funny)
Re:... huh? (Score:5, Funny)
If this patch gets the press coverage that it deserves, maybe people will learn to take Microsoft's claims of better security response rates than those open-source folk, with a grain of salt.
Or maybe Microsoft will actually start working harder to keep their software secure in a timely manner?
</fingers_crossed>Re:This doesn't actually fix the problem (Score:4, Funny)
It's no replacement for... nothing, in other words?
Microsoft hasn't even said they're *going* to patch this yet, you may be waiting an awful long time.
Re:Can we really trust this patch? (Score:5, Funny)
You know, the same could be asked of Internet Explorer.
Re:Inept and free! (Score:5, Funny)
Deee-licious (Score:1, Funny)
Re:DMCA violator (Score:0, Funny)
Re:How were they able to make such a patch... (Score:5, Funny)
Don't bother. I'm so 31337 that I just hacked that 127.0.0.1 loser... In a minute someone should be noticing their root file system missing.... Heheheh
Hmmmm.... That's funny.... Where'd my MP3's go......
Re:No Trusted Computing logo on patch? (Score:3, Funny)
Re:No Trusted Computing logo on patch? (Score:5, Funny)
Of course it isn't a trojan. It's a legitimate security update which gets run on your system and makes IE invulnerable to that particular spoof attack. Why, openwares.org even has a definition on their site of what a trojan is:
Trick unsuspecting users into downloading harmful viruses
by disguising them as legitimate security updates.
So you see, this is nothing more than a legitimate security upd... wait a second!!
Re:Do Not Use It-It's Got a Huge Vulnerability Its (Score:5, Funny)
In Other Other News... (Score:4, Funny)
Shrewd investors continue to laugh at the SCO Group's activities and have the following comments:
"The funniest thing I've seen since the Paris Hilton tapes!" - MSN
"A gut buster worthy of John Belushi - but SCO does more drugs" - Timothy Leary
SCO also announced that Caldera Linux licences still outpace all other SCO products - excluding lawsuits - by a 2:1 margin. Darl announced that they expect to make that 3 to 1 by next summer before they are purchased outright by IBM for $1.50 and a can of Red Bull.
Gasp! You violated copyright! (Score:3, Funny)
//
// By using this source code, you agree to the
// following terms:
//
// 1) You may use the source code, resource
// files for educational purposes only.
// 2) You MAY NOT redistribute this source code
// without written permission. Failure to do
// so is a violation of copyright laws.
// 3) The author of this code may have retained
// certain "additional copyright rights".
// If so, this is indicated in the author's
// description.
Re:How were they able to make such a patch... (Score:3, Funny)
Re:Use MyIE2 0.9.11 (Score:2, Funny)