New IE Vulnerability Used In Targeted Attacks; IE9, IE10 Users Safe 169
An anonymous reader writes "Criminals are using a new Internet Explorer security hole to attack Windows computers in targeted attacks, though the vulnerability could end up being more widely exploited. While IE9 and IE10 are not affected, versions IE6, IE7, and IE8 are. It's great to see that the latest versions of IE are immune, but this new vulnerability is still bad news for Windows XP users and earlier since they cannot upgrade to more recent versions of Microsoft's browser. 'We are actively investigating reports of a small, targeted issue affecting Internet Explorer 6-8,' Dustin Childs of Microsoft Trustworthy Computing told TNW. 'We will take appropriate action to help keep customers protected once our analysis is complete. People using Internet Explorer 9-10 are not impacted.'"
I don't feel sorry for those IE users (Score:2, Interesting)
Anyone still using IE6 or IE7 deserves to get hacked anyway. I might have a crocodile tear for IE8 users
Obligatory update patch (Score:4, Interesting)
Obligatory: Get the update patch here: http://www.mozilla.org/en-US/firefox/new/ [mozilla.org]
What about Compatibility View? (Score:5, Interesting)
Compatibility View seems to turn IE 8-10 into IE 7... And I find people using it all the bloody time (and for no good reason other than they didn't like how the newer version CORRECTLY rendered some random page they were used to seeing broken!). So is Compatibility View immune to the exploit? I'm unclear whether IE has a separate engine for this or just uses some bizarre CSS definitions to achieve the brokenness...