• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

IE vulnerability

Joined
Sep 1, 2010
Messages
6,050 (2.16/day)
Likes
6,902
#1
This December seems to be an annoying one. Vulnerability in flash made IE and Chrome vulnerable. We had Cumulative Security Update for Internet Explorer but now there's other unpatched vulnerability ... in IE ... gosh not again :rolleyes: All these <specially crafted webpages> ...

Spider.io claims to have discovered a flaw that affects IE, versions 6 through 10. The vulnerability reportedly allows the mouse cursor position to be tracked wherever it is on the screen - even if IE is minimized.
Wow ...

The vulnerability was not addressed in the most recent security update for IE. Spider.io asserts that the flaw is being actively exploited, and claims the Microsoft Security Research Center (MSRC) <has acknowledged the vulnerability>, but has no immediate plan to patch it.
Lolwut ...

Qualys CTO Wolfgang Kandek expressed concerns over the implications such a vulnerability might have for online banking. Many banks have implemented on-screen virtual keyboards for entering account credentials as a means of avoiding traditional keylogger attacks.

Andrew Storms, director of security operations for nCircle, agrees. “This exploit renders that mitigation null and void - it has the effect of a key logger on virtual keyboards. Attackers could potentially capture the clicks connected with banking credentials using this exploit and that isn't good news for the 63 million Americans that bank online.”
Whateva ..

Ok people, be safe.

thxbai
 
Joined
Mar 31, 2007
Messages
1,895 (0.47/day)
Likes
162
Location
ontario canada
System Name home brew
Processor Intel Corei7 3770K OC @ 4.5Ghz
Motherboard ASUS P8Z77-V
Cooling Corsair H100
Memory 16GB DDR3 1600 GSKILL
Video Card(s) Powercolor Radeon 7970, MSI Radeon 7970
Storage Mushkin Chronos Deluxe 240gb. 2 TB Hdd.
Display(s) 3x24inch Dell Ultra IPS
Case CM storm trooper
Power Supply Antec Quattro OC ed. 1200w
Software Windows 7 Business x64
Benchmark Scores vantage: P43089
#2
i just find its hilarious that it affects basically all current versions of IE. good job microsoft.
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
21,000 (5.31/day)
Likes
5,949
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Joined
Sep 1, 2010
Messages
6,050 (2.16/day)
Likes
6,902
#4
IE ... poor thing give it a break ...

Hackers find another zero-day hole in Internet Explorer

An elite hacker group credited last year with having an inexhaustible supply of zero-day vulnerabilities was responsible for digging up and first using the newest unpatched bug in IE, a Symantec manager said.

The gang, dubbed "Elderwood" after a source code variable regularly used by the hackers, had been profiled last September by Symantec in a research paper that outlined its strategies as well as its hacking tactics.
 

lyndonguitar

I play games
Joined
Apr 1, 2010
Messages
1,876 (0.64/day)
Likes
536
Location
Philippines
System Name X6 | Lyndon-ROG
Processor Intel Core i7-8700k | Intel Core i7 6700HQ
Motherboard Gigabyte Z370 Aorus Gaming 5 | Asus ROG-GL552VX
Cooling Deepcool Captain 240EX
Memory 16GB Corsair Vengeance LED | 8 GB
Video Card(s) NVIDIA GTX 1080 8 GB GDDR5X | NVIDIA GeForce GTX 950M 4GB
Storage SSDs: 500GB, HDDs: 2TB, 2TB, 3TB | SSD: 250GB, HDD: 1TB
Display(s) BenQ XL2411 1080p@144Hz, 32" HDTV, 19" Monitor | 15.6"1080p
Case Cougar Panzer Max
Audio Device(s) Corsair Gaming H1500 7.1 | ROCCAT Kave 5.1 | Edifier M3200
Power Supply EVGA 750GQ
Mouse Razer Deathadder Chroma | Logitech G302 | Mad Catz Cyborg R.A.T. 5
Keyboard Corsair Vengeance K70 Cherry MX Red
Software Windows 10
#6
only the cursor? I'll not be surprised if somehow keys can be logged as well

but has no immediate plan to patch it.
good job! lol is this fixed yet?