IE8 bugs

[Mayayana]

For anyone who might still be using IE8, this will
be a relevant read:

http://www.theregister.co.uk/2014/05/22/ie_8_zero_day_dumped_after_7_months_redmond_says_harden_up/

There's at least one serious, known bug, which MS
now says they're not going to fix. Their official
advice is a cynical suggestion to restrict ActiveX
and script in IE.

 

[Hot-Text]

| For anyone who might still be using IE8, this will
| be a relevant read:
http://www.theregister.co.uk/2014/05/22/ie_8_zero_day_dumped_after_7_months_redmond_says_harden_up/
| There's at least one serious, known bug, which MS
| now says they're not going to fix. Their official
| advice is a cynical suggestion to restrict ActiveX
| and script in IE.



Instead of a patch,
Redmond released work-arounds
suggesting users harden IE 8 security

[Note: Instead of (EMET) patch]


By changing settings to block
and alert use of ActiveX Controls
and Active Scripting,

( Note:
He is saying Here to:
Trun back on Your
IE alert Goldbar Overview
For block ActiveX Controls
and Active Scripting
< mkMSITStore:C:\WINDOWS\Help\iexplore.chm::/goldbar_overview.htm >
)

and install its
Enhanced Mitigation Experience Toolkit
(EMET) which makes exploitation of Windows
boxes more difficult and expensive.

The disclosure comes on the heels of attacks
targeting Internet Explorer vulnerabilities
discovered in April

 

[Andy]

For anyone who might still be using IE8, this will

be a relevant read:



http://www.theregister.co.uk/2014/05/22/ie_8_zero_day_dumped_after_7_months_redmond_says_harden_up/



There's at least one serious, known bug, which MS

now says they're not going to fix. Their official

advice is a cynical suggestion to restrict ActiveX

and script in IE.

Anyone who still uses IExplorer is a clodhopper.

Andy