[DUG] Offtopic - but....
John Bird
johnkbird at paradise.net.nz
Fri Jan 22 11:00:13 NZDT 2010
Some more background about IE security holes.
-Symantec report several hundred sites now have variants of the IE attack
installed. Some are well known dynamic DNS sites. This add urgency to
installing updates.
-The link below reports Microsoft knew of this exploit 3 months ago - (but
had not fixed it). The link at MS however is either invalid or has been
taken down so this admission is no longer on MS site.
http://www.computerworld.com/s/article/9147058/Microsoft_patches_IE_admits_it_knew_of_bug_last_August
http://blogs.technet.com/msrc/archive/2010/01/21/bulletin-ms10-002-released.aspx
This is why I like Firefox's record of known breaches being fixed usually
within a day or two.
-There is debate about vulnerability of IE7 and IE8, in theory they are
vulnerable, as MS advisory says, but known breaches so far involved IE6.
http://www.theregister.co.uk/2010/01/21/ie_emergency_patch_released/
John
More information about the Delphi
mailing list