l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2012 May 28 09:01

Reasons to Avoid Microsoft


[Bug] [Education] [Government] [Fear, Uncertainty, Doubt] [Security Hole] [MSN Hotmail] [MS Internet Explorer] [MS IIS Webserver] [MSN Instant Messenger] [License] [Linux/Open Source] [Monopoly] [MS Outlook] [Piracy] [Privacy] [Virus/Worm] [MS XBox] [MS Windows XP] [WOW!]
Show All

[MS Internet Explorer]

MS Internet Explorer


These pages are a compilation of links and quotes to news articles and others sources that might help convince you to switch to Linux.


    Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
  • Really critical hole in Microsoft Web software (The Register, 2002.11.21)
    [Security Hole] [MS Internet Explorer] [MS IIS Webserver] [WOW!] ust one day after raising the threshold beyond which it considers security vulnerabilities 'critical,' Microsoft Corp released a security advisory saying there is a 'critical' hole in its browsers and web servers that could cause serious problems, even if it is patched. ... 'This vulnerability is rated critical because an attacker could take over an IIS server or an Internet Explorer client and run code,' Microsoft warned. ... To make matters worse, it is currently possible to make patched systems vulnerable again, Microsoft said. A malicious attacker would be able to reintroduce the vulnerable control with just a specially [written] HTML document. Users that have their browsers configured to trust Microsoft-signed ActiveX controls by default would have the vulnerability reintroduced without their knowledge.

  • Microsoft discloses 'critical' security flaws - Office, IE lapses put millions in danger of being hacked (CNN, 2002.Aug.23)
    [Security Hole] [MS Internet Explorer] [Privacy] [WOW!] Microsoft Corp. said ... that 'critical' security lapses in its Office software and Internet Explorer Web browser put tens of millions of users at risk of having their files read and altered by online attackers. ... [An] attacker, using e-mail or a Web page, could... alter data and wipe out the hard drive as well as view file and clipboard contents on a user's system. ... In addition [they] reported vulnerabilities in the three latest versions of [Internet Explorer] that allows infiltrators to read files.

  • MS security hole extravaganza (The Register, 2002.Jun.13)
    [Security Hole] [MS IIS Webserver] [MS Windows XP] [MSN Instant Messenger] [MS Internet Explorer] [WOW!] MS has been sitting on a number of security holes which it's decided to dump on us all at once. ... MS soft-pedals the severity in classic form, labeling this one "Moderate." But the eEye bulletin rightly points out that a target machine can be owned with a single session if the attacker knows what he's doing. ... Apparently, users had trusted the MS patch to fix their systems properly. Well it didn't... Apparently, the [previously reported Gopher exploit] is a bit worse than MS had originally thought, and affects not [just] IE...

  • Security Flaw Found in Explorer (Yahoo! Finance, 2002.Jun.04)
    [MS Internet Explorer] [Security Hole] [WOW!] A security flaw in Microsoft's Internet Explorer browser could allow a hacker to take control of a remote computer if its user clicks a link... [A] hacker could take over a user's computer simply by having the user click on a link... That one click would install and run any program the hacker chose on the victim's computer, and the victim might never know. ... All versions of Internet Explorer are believed to be vulnerable...

  • The pop-up ad campaign from hell (Salon, 2002.May.07)
    [MS Internet Explorer] [WOW!] It's the latest in Web marketing innovation: Hijacked Web surfers, exploited Web browser vulnerabilities and malicious spyware all wrapped up together. ... Thousands of unsuspecting visitors to a family entertainment site are discovering a cornucopia of unwanted, potentially malicious software on their computers -- the result of a pop-up ad campaign, a booby-trapped Web site, [and] a compromised Web browser... code in the pages at [the malicious website] exploited a known flaw in [the] Internet Explorer browser to covertly download the first of 10 files onto visitors' computers. ... 'When you exploit a security bug to get your program onto someone's PC, you've crossed the boundary into what we consider malicious'...

  • Using the backbutton in IE is dangerous (BugTraq, 2002.Apr.14)
    [MS Internet Explorer] [Security Hole] [WOW!] IE allows urls containing the javascript protocol in the history list. Code injected in the url will operate in the same zone/domain as the last url viewed. The javascript url can be set to trigger when a user presses the backbutton.

  • Microsoft: Can't pull IE from Windows (CNN, 2002.Mar.05)
    [MS Internet Explorer] Allchin admitted to lawyers for the states that Microsoft violated the law... The company faces several allegations of violations that involve infringing on consumer choice and unfairly hurting competitors.

  • Removing IE would kill Win2k, WinXP, MS, says Redmond (The Register, 2002.Mar.04)
    [MS Internet Explorer] [MS Windows XP] [Fear, Uncertainty, Doubt] Both Windows XP and Windows 2000 will be rendered inoperable, and Microsoft will be unable to develop future new operating systems, if it is forced to separate IE from the operating system, according to court filings the company made on Friday. ... [An] mail from Bill Gates from February 1997 [said] it would be important to leverage the OS to make people use IE instead of Navigator, and there was much else that suggested bolting the two together was a predatory decision, rather than a technical one.

  • Three new MS security holes - two nasty (The Register, 2002.Feb.22)
    [Security Hole] [MS Internet Explorer] [WOW!] [A bug in] Microsoft XML Core Services ... [means] that an attacker could request data from the user's local drive. ... a defective ISAPI filter in Commerce Server 2000 ... can lead to a root compromised. ... [a problem in] VBscript in Internet Explorer ... could allow an attacker to read files on a victim's local drive, or eavesdrop on his browsing session. ... This could enable an attacker to glean personal information like login names and passwords, and credit card details.

  • Active exploitation of Windows IE javascript vulnerability (is|media, 2002.Feb.13)
    [MS Internet Explorer] [Security Hole] [WOW!] ...it can present users with random pop-up advertising of a questionable nature. ... it moves a user's home page or search page preference so it displays the site through a third-party, potentially exposing the user to additional ads or malicious software everytime they either use a default search or open a new browser window ... [and] prevents the user from adjusting their home page or search preferences, effectively locking them into the change. ... it is recommended users install any and all vendor supplied patches or switch to Netscape 6.2/Mozilla 0.9.8, browsers that do not appear to be vulnerable to this problem, primarily since they are not known to be vulnerable to the same flaw IE is. Since it changes take place in the Windows registry, only Windows users appear to be at risk.

  • Castles Built on Sand: Why Software is Insecure (Security Focus, 2002.Jan.30)
    [MS Internet Explorer] [Security Hole] Internet Explorer is one of many examples of insecure software. Some call Internet Explorer the browser that made the Internet accessible to the masses. Others call it an accident waiting to happen (again and again). ... Within nine days of its release the very first exploit for IE 3.0 was discovered... [Until Microsoft makes security a programming priority], organizations that base their operations on bug-weakened software will continue to be castles built on sand.

  • Microsoft To Plug Devastating Browser Download Hole (Newsbytes, 2001.Dec.11)
    [MS Internet Explorer] [Security Hole] [WOW!] [There is a] flaw in [Internet Explorer] that could allow an attacker to silently download and execute malicious programs on the computers of users who view a specially constructed Web page or e-mail message. ... The vulnerability affects IE for Windows versions 5, 5.5, and 6 ... as a result of the security flaw, a malicious Web site could 'relatively easily and unnoticeably ... spread virii, install DDoS zombies or backdoors, format hard disks, and so on'... The flaw is particularly dangerous because it can be exploited using ordinary Web page code, without help from JavaScript or other scripting programs... the IE download flaw [is] 'a very serious problem' and potentially one of the most severe ever to affect the browser. ... Microsoft initially denied that the ability to 'spoof' file types in IE represented a security vulnerability...

  • Cookie Data in IE Can Be Exposed or Altered Through Script Injection (Microsoft Tech Net, 2001.Nov.8)
    [MS Internet Explorer] [Privacy] [Security Hole] Who should read this bulletin: Customers using Microsoft Internet Explorer. Impact of vulnerability: Exposure and altering of data in cookies. Maximum Severity Rating: High.

  • Tim Berners-Lee on Microsoft's Latest Browser Tricks (SiliconValley.com, 2001.Oct.26)
    [MS Internet Explorer] [Monopoly] 'I have fought since the beginning of the Web for its openness: that anyone can read Web pages with any software running on any hardware. ... When I see any Web site claim to be only readable using particular hardware or software, I cringe... Amaya, the browser which W3C [itself] develops ... and which arguably has the best W3C compliance, is blocked from www.msn.com.' What has Microsoft learned from its antitrust experiences? 'I can't answer that one.'

  • New Windows XP Feature Can Re-Edit Others' Sites (Wall Street Journal, 2001.Jun.7)
    [MS Internet Explorer] [MS Windows XP] [Monopoly] [WOW!] One key test of Windows XP will be whether its features do more to benefit consumers or Microsoft's business plan. ... The feature ... allows Microsoft's Internet Explorer Web browser ... to turn any word on any Web site into a link to Microsoft's own Web sites and services, or to any other sites Microsoft favors. ... [Smart Tags] mean that the company that controls the Web browser is using that power to actually alter others' Web sites to its own advantage.

  • Windows XP may steer users' Web choices (C|Net News, 2001.Jun.6)
    [MS Internet Explorer] [MS Windows XP] [Monopoly] [WOW!] 'Wouldn't that be something?' [Gartner analyst Michael Silver] said. 'You spend millions of dollars designing a Web site, and Microsoft has a Smart Tag that sends (users) to one of (Microsoft's) own sites.'

  • Incorrect MIME Header Can Cause IE to Execute E-mail Attachment (Microsoft, 2001.Mar.29)
    [MS Internet Explorer] [Security Hole] [WOW!] Who should read this bulletin: Customers using Microsoft Internet Explorer.

    Impact of vulnerability: Run code of attacker's choice.

  • IE 5.5 Tracking Default Bookmarks (Slashdot.org, 2000.Sep.13)
    [MS Internet Explorer] [Privacy] [WOW!] [The] default bookmarks in Microsoft Explorer 5.5 [...] go via a redirection via Microsoft.

  • IE Feature Can Track Web Surfers Without Warning (c|net News, 2000.Sep.11)
    [MS Internet Explorer] [Privacy] Privacy advocates complain [...] that Web sites could uniquely identify visitors as they return over time--without any warning from IE.


Collection originally created by, donated to LUGOD by, and maintained by Bill Kendrick.

Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!