Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Releases Fix It for vulnerability in Internet Explorer 8


  • Please log in to reply
5 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,593 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:10 PM

Posted 08 May 2013 - 10:46 PM

On May 3rd, Microsoft released an advisory about a vulnerability in Internet Explorer 8 that could allow specially crafted code to execute commands on your computer. It was later confirmed that there was actual exploits available on the Internet and that this vulnerability was actively being used by malware developers to infect your computer. The good news is that only Internet Explorer 8 is affected and that IE 7, 9, & 10 are not vulnerable.

If you are using Internet Explorer 8, Microsoft released a Fix It today that resolves this issue until a security update is released. This Fix It is labeled CVE-2013-1347 MSHTML Shim Workaround and can be found at the following address: http://support.microsoft.com/kb/2847140. It is strongly suggested that all users of IE 8 immediately install the Fix It that enables this feature. When a formal update is released, you can visit the same page and download the Fix It that disables this solution.

Please note that when you install this Microsoft Fix It, you will most likely be prompted by IE as to whether whether you wish to run Active Scripting or Content while browsing various web sites. If you know the site is safe, feel free to allow the content to run. Otherwise, do not allow it to do so.


BC AdBot (Login to Remove)

 


#2 HAv0k

HAv0k

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 08 May 2013 - 10:47 PM

You mean 9 and 10 aren't vulnerable YET! :)



#3 simpson_miller

simpson_miller

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 09 May 2013 - 11:52 AM

Vulnerability is everywhere in the computer However the fix it is a relax. I personally believe Microsoft could have given the work around in detail along with Fix it.


Simpson

#4 cmptrgy

cmptrgy

  • Members
  • 1,656 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts
  • Local time:11:10 PM

Posted 09 May 2013 - 01:46 PM

Thank you for this info. I have friends who use XP with I8 and I'll check this out on their computers. Additionally thanks also for the Active Scripting or Content while browsing various web sites comments. I probably would have allowed it thinking its ok since this fix it comes from Microsoft but now that I've read and payed attention to what it means I will not allow it.



#5 MrBruce1959

MrBruce1959

    My cat Oreo


  • BC Advisor
  • 6,377 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norwich, Connecticut. in the USA
  • Local time:11:10 PM

Posted 10 May 2013 - 01:03 AM

Interesting that you mention CVE-2013-1347 on 5/5/2013 MSSE found EXPLOIT:Java CVE-2013-2423 on my Windows XP SP3 machine. along with Trojan:Win32/sirefef.bc and Trojan:HTML/Redirector.BB all those came from one web site that would not allow my IE to close, so I illegally shut down my machine, rebooted in safe mode without networking and scanned my machine. It found the results I just posted, I also want to say the redirector took me to web sites that I didn't even type www.msn.com took me to some video web site with foreign text through the page. Obviously a web site over seas.

 

I was able to clean my machine and when I went back on line, all links worked again as well as Microsoft's security web sites.

 

Edit: corrected MMTL to HTML

 

Bruce.


Edited by MrBruce1959, 10 May 2013 - 01:06 AM.

Welcome to Bleeping Computer! :welcome:
New Members: Please click here for the Bleeping Computer Forum Board Rules
 
My Career Involves 37 Years as an Electronics Repair Technician, to Which I am Currently Retired From.

I Am Currently Using Windows 10 Home Edition.

As a Volunteer Staff Member of Bleeping Computer, the Help That I Proudly Provide Here To Our BC Forum Board Membership is Free of Charge. :wink:

#6 IBreakPCs

IBreakPCs

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:07:10 PM

Posted 25 May 2013 - 10:32 AM

I don't seem to see one for Windows 8?

D:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users