Major IE8 Flaw Makes "Safe" Sites Unsafe 83
After this weekend's report of a dangerous flaw in IE (which Microsoft confirmed today), intrudere points out an exclusive report in The Register on a new hole in IE8 that could allow an attacker to pull off cross-site scripting attacks on Web sites that ought, by rights, to be safe from XSS. This is according to two anonymous sources, who told El Reg that Microsoft had been notified of the vulnerability a few months ago.
See, Microsoft is right (Score:5, Funny)
IE8 is compatible with sites designed for IE6. You won't see other browsers going the extra mile like this.
Breaking News (Score:5, Funny)
Re:In other news (Score:2, Funny)
Part of me wonders if perhaps these vulnerabilities aren't being made a big deal of because of the reputation of IE6. The rest of me which started using Firefox a long time ago just feels smug and superior.
Dude, cutting yourself in half over a web browser seems a little extreme.
Re:Breaking News (Score:5, Funny)
If you fail to follow these simple security guidelines, you can't blame Microsoft for the results.
Re:In other news (Score:3, Funny)
I agree, that is excessive. BTW, do you use vim or emacs? I want to know whether or not I should call the hit.
Re:Breaking News (Score:4, Funny)
You forgot to do something to filter out those pages with the Evil Bit set (see RFC 3514 [ietf.org]).
Re:Breaking News (Score:4, Funny)
No no no... I think he's on to something there.
Re:Ummm (Score:5, Funny)
Please go to the "a new hole in IE8" article.
And if you're looking for the article to *read* it... yes, you are new here.
New IE8 security feature. (Score:1, Funny)
A New IE8 security feature... bug.... feature.... bug..... feature.... bug...... feature....bug.
Re:In other news (Score:3, Funny)
I think you are going overboard there. Just because Microsoft IE engineers have their head in the sand, that's no reason to call the whole project sandboxed. You inspired me to write a little one question deductive reasoning test, just for you:
Q: The degree and number of IE security problems compared to Firefox is like:
A) The number of people starving in Ethiopia compared to the number of people who couldn't Super-Size their McDonald's order today
B) The death toll in a plane crash compared to the death toll in a skateboarding accident
C) The pain involved in being shot in the stomach by a twelve gauge compared to the pain of a hangnail
D) All of the above
Good luck, and don't forget to phone a friend if possible!
And the moral of this story is: (Score:1, Funny)
"Friends don't let friends use Microsoft products without the services of a lawyer"
or was it, "in Soviet Redmond, browser uses you"?