SillyDog701

[Antony]

Microsoft has issued a critical security alert that affects 900 million people using its Internet Explorer web browser.
The computer giant warned of a newly-discovered flaw in Windows that could be exploited by hackers to steal personal details or take over computers.
The glitch is so severe it potentially affects every user of Internet Explorer.
Firefox, Google Chrome and Safari browsers are all unaffected by the threat because, unlike Internet Explorer, they don't support MHTML files, where the problem lies.
The loophole only seems to affect the way Internet Explorer handles some web pages.

Microsoft just said that the bug was inside Windows, presumably because they don't want users to migrate to other browsers.
This means it affects all versions of the operating system currently supported including Windows XP (SP3), Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008 (R2).

A Windows update to fix the bug has not yet been released. In the meantime, Internet Explorer users are being urged to patch their browser with a Microsoft Fix-it patch available here.

Microsoft releases Security Advisory 2501696 (28 January 2011)

Source: Internet Explorer users at risk as Microsoft moves to address major security flaw (news.com.au)

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 AlexaToolbar/alxf-2.0 Firefox/3.6.13

[richard mitnick]

nine hundred million? Isn't that just about all of the computers in the world?

I do not trust that figure.

>>RSM

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ImageShackToolbar/5.2.4 ( .NET CLR 3.5.30729; .NET4.0C)

[Don_HH2K]

nine hundred million? Isn't that just about all of the computers in the world?

I do not trust that figure.

>>RSM

Probably not - I just pulled some data off the UN website, and in 2008 while the world population was 6.7 billion, about 1.2 billion of those were living in what the UN classified as economically developed countires. Consider that the majority of first-world citizens have at least one computer, somewhere over 90% of those computers are running Windows, many people have more than one computer (almost everyone on this forum is guilty of this), and various businesses, schools, and government agencies can have upwards of tens of thousands of computers deployed running Windows.

My guess as to why the figure is so large is that Microsoft is advertsing the bug as affecting Windows as a whole, due to Microsoft advertising Internet Explorer as a "component" of windows and the tight integration between the browser and the OS itself.

UserAgent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101209 CentOS/3.6-2.el5.centos Firefox/3.6.13

[Antony]

many people have more than one computer (almost everyone on this forum is guilty of this)

Well, I don't have a windows PC machine at all. Unless you count my Windows based mobile phone.

So, Don, what is the updated number of computers you have?

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 AlexaToolbar/alxf-2.0 Firefox/3.6.13

[Don_HH2K]

Only four in service - my laptop (with broken screen), my old old laptop (without broken screen and really just a dumb terminal), my Sun desktop (text only at the moment), and my mail server (650km away). Since you don't count your phone or retired machines / machines for sale, neither will I.

UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; PalmSource/hspr-H102; Blazer/4.2) 16;320x320

[James]

I think the so-called threat is vastly blown out of proportion to most of us. There's always a potential for security issues regardless of the browser and operating system being used. Really... the only safe way is to simply pull the plug on the computer and forget about the internet.

UserAgent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

[Antony]

Really... the only safe way is to simply pull the plug on the computer and forget about the internet.

That was what I had been doing before.

I had a Windows 2000 (a guest OS under Parallels Desktop for Mac), which I only used it to run one Windows application. I did not bother with all sorts of software updates, zero anti-virus (or any other protection on Windows). The files I worked on had to be copied in and out via Mac, as well as printing.

Until January 2010, I had another guest OS (Windows XP SP2) under Parallels Desktop for Mac, does only one task for me, syncing the GPS data recorded from GPS recorder (Sony GPS-CS1KASP) to photos I took. You can blame Sony for only releasing the syncing application for Windows. Again, no anti-virus, no additional protections. Why bother?
(Anyhow, I stopped using this after I upgraded the GPS tracker to Sony GPS-CS3KA which syncs directly to the memory card.)

I know some of you wouldn't approve what I did, but well, those particular guest OS does not get connected to outside world at all.

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 AlexaToolbar/alxf-2.0 Firefox/3.6.13

[richard mitnick]

Antony-

Hey, you do what works for you. It is not up to others to approve or disapprove.

>>RSM

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ImageShackToolbar/5.2.4 ( .NET CLR 3.5.30729; .NET4.0C)

[Antony]

Since you don't count your phone or retired machines / machines for sale, neither will I.

When people count the number of their computer, no one counts their mobile phones.

UserAgent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101203 AlexaToolbar/alxf-2.0 Firefox/3.6.13