When software stops having problems, we're all doomed. That's pretty much what all of us base our careers on. Either making it work in ways it doesn't out-of-the-box, or keeping it working when it breaks. When it does everything out of the box and never breaks, that will be a sad day for this generation. We'll all have to become.... gulp!.... USERS. Oh my God!

practically opera is the best when it comes to security.

Opera is best...

at hiding their flaws, anyway:

"Security vendor Secunia doesn't list any unpatched security holes for the Opera browser on its site at this time. Opera usually coordinates its browser updates with Secunia, so that Secunia doesn't release any information about security vulnerabilities in the browser before a patch is made available."

So says http://operawatch.blogsp...o-be-released-soon.html

crap crap crap crap crap crap crap crap crap crap crap crap .
be practical, tell me who uses security holes ?
they(blackhats) are trying to find them in the browser, less security holes=better browser.

tell me whatever you are saying how does that effects opera user ??????

Gee this sure is surprising. I wonder how many more there will be. They have been patching holes in this thing for years and years and years. I am pretty convinced it is just one big gigantic gaping hole in the space time. I wonder when the new great advanced ie7 is released how many holes they will have each week. Anyone think there will ever be a day when IE is bulletproof, because right now it looks like someone took armor piercing bullets in a 50 cal and just let loose on ie6 for 5 years now. I like how they have the same version of ie for years, and just keep on patching it, why did it take firefox to convince them to actually put out a new version. That really does show you how commited they are to their customers and the web standards.

Figuring out what rss was because of firefox is a shame, microsoft should be a shamed of themselves, sitting there counting their billions and letting all the code they are profiting from still, just stagnate.

Well said ^_^

Wouldn't DEP (http://en.wikipedia.org/wiki/NX_bit and http://support.microsoft.com/kb/875352) prevent this if you are using it?

I know lot's of customers that disable DEP due to app and driver conflicts.

Firefox is the best browser for PC's .... I stopped using IE four years ago when my computer got infected with Viruses and Trojans .... I liked downloading music and had to pay a price to the technician to clean up my hard drive ... Anyway that is history .... I now sit back with a cup of coffee and enjoy using the Firefox Browser ....ofcourse I got rid of the main problem ... aaah !!! You know what I mean .. WINDOWS XP out of my rooms window forever ever ever ... I now use XANDROS DESKTOP Linux Operating system with Firefox loaded ...SAFE , SECURE AND FAR MORE EFFICIENT THAN wINDOWS xp OPERATING SYSTEM ....... Of course I have Crossover codeweavers and a lot of good applications in it and do not have the neccessity to rely again on Windows XP !!! Goodbye ......

You make some good points, BBates, but this is a serious problem, too. Critical flaws such as this affect all of us -- whether we choose to use IE or not -- because everyone suffers, directly or indirectly, when these flaws are exploited.

Incidentally, my bank has recently overhauled their website; customers are now *required* to use IE to access online banking (before these latest "improvements", the site was 100% Firefox and Opera compatible). Rather than improving, they've succeeded in driving longtime customers away in droves. IE is inherently flawed and people have good reason not to trust their finances to it.

I surprised those people managed to open bank accounts if they are that dumb.

zee7
Agree in principle with your first paragraph - this type of thing is important in it's own right.

As far as your second paragraph "they've succeeded in driving longtime customers away in droves" - how do you know that? With IE having such a large market share, I highly doubt that statement is true. I guess it depends on your definition of "droves".

THZGryphon - your comment reeks of "geek-speak". In my travels as a System Administrator, generally, the only individuals I find using non-IE browsers are "techy" people - there's a whole world of very intelligent people who use computers as an "aid" to get a job done - it's not their primary purpose in life - thus they use what's "common" to them..that doesn't make them, as you say, "dumb".

This bug as it's related to banks is a non-player, unless of course your bank hosts a "malicious web site" :-)

My statement was in reference to his last two sentences. I doubt if he knows 5 people that left the bank because its website is IE only, droves is a bit far fetched as I doubt they publish their customer details. What I am calling dumb, in a round about way, are people who overly emphasized IE flaws in order to drive users to other browsers for no other reason but because they think it will make them sound like they know what they are talking about because they are on the same bandwagon as everyone else.

THZGryphon - my apologies - misinterpreted...

How do I know? I have a friend who works in the internet banking dept there. She says they're logging about 20 complaints a day since the new site went live. If these customers are taking the time to call in to complain that they don't feel comfortable using IE for their banking, you can safely assume they're not happy. This is just something I mentioned in passing because it just happened; make of it what you will.

If people would only complain about our dissapearing retirement plans, highways full of potholes that need tour guides to see what is in them, lack of support and relief for disaster victims, GAS PRICES, and so many other problems that affect our ENTIRE populace.

Let there be a problem with windows or IE and you can read plenty of complaints and solutions.

What is happening to our society? When is a computer program more important than any of the items in the first para?

Computers, a machine that will only operate as good as the operating system and the bios it communicates with. Maybe its the bios and not the OS? Now that is a different point of view! What a concept...the bios is faulty and no OS can work with it the way it is supposed to.

If all the time and energy expanded to complain about windows and IE, were directed at the folks working (?) in DC and our various state capitol's, about the problems in our first para, we could all enjoy better living standards.

Shuccks, just maybe the OS developers could code just a bit better to do away with most of the big problems.

Biggest problem with computers...... CPM and DOS were great! Then along came '95 and the world has worked on fixes every day since!

"What is happening to our society?"

Self destruction by complexity.

Does this mean i have to remove IE???????????????
What the hell is safe now-a-days????????

Here's a suggestion, don't go to malicious websites....

Scientists confirm the sun will rise tomorrow morning.

Correction: Scientists "predict" it "should" rise tomorrow morning.

So is this 2 or three vulns? Can we just assume that IE is always, in an constantly insecure state, and just, like, not use it?

I would love to, except that: there is no other browser engine that is as good as IE.

Don't get me wrong. Firefox is ahead of IE in terms of advanced HTML features and stuff. BUT, Firefox cant be integrated easily into my Windows app., AND it eats up a filthy amount of RAM. It takes up 3 to 4 times more RAM than Maxthon does.

Btw, Firefox isn't secure either.

If I'm missing something here, enlighten me.

No browser is secure. No need for this IE bashing. Just learn to protect your computer.

I don't see how I can when MS tells me to not browse to insecure sites. What kind of advice is that? It's like a cop telling me to stay in my house because there is a large rapist, somewhere in the city. And MS often will just wait until Patch Tuesday. Well, guess what, this vuln could be out there today and there would be little I could do running IE.

I hate flame wars as the next guy, and OS prosletyzing is silly, but seriously, this browser architecture, and the patch mechanism, is broken.

Yeah, here is what you are missing, and it is sad because you said it. Firefox CAN'T BE EASILY INTEGRATED INTO YOUR WINDOWS APP! The security flaws found in Firefox are not as critical as the flaws found in IE which is tightly integrated into your OS! Why do you want a browser that integrates into other apps? What is it that a browser should do? Oh yeah! BROWSE THE WEB! It is not a multimedia application, it is not an email client, it is not a word processor. Our society is too big on making products cross functional. I want one device that does EVERYTHING. My phone has to have a camera, mp3 player, tv, dvd player, and dishwasher in it... Yes Firefox is a memory hog, but it caches pages for quicker loading. That isn't a flaw, it is a known feature and has been mentioned in the firefox forums on numerous occasions.

I'll tell you what you are missing.

Right now, I can say FF is secure. I can browse to pr0n sites, javascript hell, and I know my browser would be fine. I have control in FF to say what type of scripting I will allow, and I'm aware of the public vulns.
Just compare and contrast the numbers and the scope of vulnerabilities. Don't tell me that you can look at these
http://secunia.com/product/4227/
http://secunia.com/product/11/
And claim IE is more secure.

"Firefox cant be integrated easily into my Windows app., "
Sure it can. Use XUL. It's also open source and free for you to program into your app. It'll always be free, and you don't have to subscribe to a "developer network (and pay for it,) to code into it.

"AND it eats up a filthy amount of RAM. It takes up 3 to 4 times more RAM than Maxthon does."

As a programmer then you are well aware that maxthon/IE is preloaded as part of the OS components, so you would do well to add up all the RAM used to bring up your OS. Maxthon has the same IE security vulns as well.

Everyone at my company uses a computer all day. It is not easy to keep the black hats at bay. Over and over I have to tell my employees "Do not download and install screen savers from the Internet."

The one thing I did that helps the most is to put everyone on Firefox and Thunderbird. No browser is perfect, but my security record is.

Holy geez! Your users have rights to install things? That's scarry by itself.

Yeah. I like carrying around 50 devices. Who wants convenience? Sheesh.

"The vulnerability can be exploited to cause Internet Explorer 6 to crash through a specially crafted HTML tag with 94 or more event handlers."

Maybe I'm having a really bad case of DeJa'Vu, but--isn't that the same exact flaw that has been patched like, three times already? Once in December last year, and once February this year--too many characters in a string causing crashes?

Really...anybody else remember this from before?

oh yeah yeah, i think i remember .....

.........

..........

...........

oh, no no, wait.... never mind, i was confusing it with a family guy episode...
sorry

It's pretty amazing that people like to keep posting stories about IE having holes, or flaws or whatever.

Browsers will have holes and need patches.

It's not like it's news everytime it happens.

**eyes rolling**

You're right. better to just keep quiet about this kinda stuff, so that people can't use workarounds, alternative browsers, or come up with tools or IDS definitions that thwart the attack.

Exactly. ;->

Maybe BetaNews should start reporting all the bugs/security problems that Firefox/Opera has.

p.s. don't really care about Opera, only Firefox. It is their fanboys which are annoying and who should shut up.

Firefox doesn't have as many flaws that allow for remote code execution because it isn't PART of the OS. That is why IE flaws are considered more critical and mentioned more often. Don't be a "Firefox Fanboy Hater". Firefox does have it's flaws and they do get reported and they also get patched much quicker than IE flaws do...

Software is soft and squishy. Hardware is, well, just plain hard.

It's pretty amazing that people have enough free time to continuously attempt to break software.

What's wrong with that? You have free time to post here.

Is it not obvious that MS is the best most widely used software on the planet. Allowing people to be more productive and creative than they would be otherwise? Their will always be detractors. It is easy to complain, pick apart or just in general be negative. It is a lot harder to be creative and create things that actually work and people use every day. Nothing insight that can compete with MS, browser or any other app you choose.

I just spent an afternoon dealing with this crap. These jokers have used a new URL format to fool spyware programs. This is no typo and the mnissing period after the www is deliberate. You cannot enter it into to the IE list of restricted zones and block further executions.

http://www.betanews.com See the difference?

http://www3.popupsearche...?query=download&p=0

Watch out for these ba$+ards...

Hey I wouldn't waste my free time hanging around here posting stuff, that's what company time is for :-))