IE7 Beta 2 Preview Open to DoS Attack - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Skype & Technology (/forumdisplay.php?fid=9)
+---- Forum: Tech Talk (/forumdisplay.php?fid=17)
+----- Thread: IE7 Beta 2 Preview Open to DoS Attack (/showthread.php?tid=55502)
IE7 Beta 2 Preview Open to DoS Attack by Hank on 02-03-2006 at 12:57 AM
quote:
Originally posted by By BetaNews Staff, BetaNews
Security researcher Tom Ferris says he has discovered a security vulnerability in the Beta 2 Preview release of Internet Explorer 7. The bug lies in the urlmon.dll file and causes the browser to crash when it encounters a URL with the "file://" protocol followed by a long string of dashes.
Ferris previously discovered security flaws in Firefox, IE6 and QuickTime. He notes that arbitrary code could be executed on a machine running Microsoft's newest beta browser, but his proof-of-concept code simply crashes the application. The issue has been reported to Microsoft and Ferris says it is only of medium severity.
Source
RE: IE7 Beta 2 Preview Open to DoS Attack by dotNorma on 02-03-2006 at 01:07 AM
Please explain to me how this is a DoS attack?
RE: IE7 Beta 2 Preview Open to DoS Attack by Dane on 02-03-2006 at 01:07 AM
Still beta, this is naturally expected. I still think its good and will continue using it.
RE: IE7 Beta 2 Preview Open to DoS Attack by Hank on 02-03-2006 at 01:12 AM
quote:thought that was pretty Clear how
Originally posted by .Norma
Please explain to me how this is a DoS attack?
RE: IE7 Beta 2 Preview Open to DoS Attack by ddunk on 02-03-2006 at 01:16 AM
It's not clear to me either, unless DoS now means a bug that allows someone to crash the browser?
RE: IE7 Beta 2 Preview Open to DoS Attack by dotNorma on 02-03-2006 at 01:17 AM
quote:
Originally posted by Animal
quote:thought that was pretty Clear how
Originally posted by .Norma
Please explain to me how this is a DoS attack?
More info can be read here
How does that link relate to any of this at all?
RE: IE7 Beta 2 Preview Open to DoS Attack by Hank on 02-03-2006 at 01:20 AM
dunno.. i found it oin the betanews site? ..i'll remove it
RE: IE7 Beta 2 Preview Open to DoS Attack by dotNorma on 02-03-2006 at 01:21 AM
Er...okay.
Now can you explain how this is a DoS attack? 
RE: IE7 Beta 2 Preview Open to DoS Attack by Hank on 02-03-2006 at 01:30 AM
hey i didnt write it, i just quotesd it from some guy from betanews.com
RE: IE7 Beta 2 Preview Open to DoS Attack by dotNorma on 02-03-2006 at 01:47 AM
I think its safe to say you need a better news source.
RE: IE7 Beta 2 Preview Open to DoS Attack by Hank on 02-03-2006 at 02:37 AM
soon as i get it, i'll post it ok? for now put up with the one i posted
RE: IE7 Beta 2 Preview Open to DoS Attack by dotNorma on 02-03-2006 at 02:40 AM
http://shoutbox.menthix.net/showthread.php?tid=55505
RE: IE7 Beta 2 Preview Open to DoS Attack by Val on 02-03-2006 at 03:20 AM
No I think this can be considered an attact since someone could make a link in a webpage or a autoredirect to something like
code:Something like that and the person would click it just to have the browser crash. I dont see how this could be a DoS attact but surely a anyoying prank
<a href="file://path/to/path/to/path/to/path/to///////path/to//////">Free WLM Invites</a>
RE: IE7 Beta 2 Preview Open to DoS Attack by di3s3lx on 02-03-2006 at 03:34 AM
You can download Ie Beta 2 in www.softonic.com The site is in Spanish so here are the instructions to download:
http://internet-explorer.softonic.com/ie/48797
Just click descargar, then descargar once again the one in the GREEN.
The IE 7 Beta is in english so dont worry!
RE: IE7 Beta 2 Preview Open to DoS Attack by Val on 02-03-2006 at 03:47 AM
quote:
Originally posted by di3s3lx
u can download Ie Beta 2 in www.softonic.com The site is in Spanish so here are the instructions to download:
http://internet-explorer.softonic.com/ie/48797
Just click descargar, then descargar once again the one in the GREEN.
I think this is warez since your are not posting a microsoft/windows link here, someone wanna clear this up?
RE: IE7 Beta 2 Preview Open to DoS Attack by DJeX on 02-03-2006 at 03:49 AM
quote:
Originally posted by ValSpy
No I think this can be considered an attact since someone could make a link in a webpage or a autoredirect to something like
code:Something like that and the person would click it just to have the browser crash. I dont see how this could be a DoS attact but surely a anyoying prank
<a href="file://path/to/path/to/path/to/path/to///////path/to//////">Free WLM Invites</a>
No that is not a DoS attack.
DoS is Denial Of Service, this does nothing of the sort. Yes it may deny you of using IE but IE is not a service and it is not denying a whole group of people of using it. It is merely a bug which can be exploited to crash IE.
quote:
Originally posted by ValSpy
quote:
Originally posted by di3s3lx
u can download Ie Beta 2 in www.softonic.com The site is in Spanish so here are the instructions to download:
http://internet-explorer.softonic.com/ie/48797
Just click descargar, then descargar once again the one in the GREEN.
I think this is warez since your are not posting a microsoft/windows link here, someone wanna clear this up?
No it does not look like a warez site, just a site like www.downloads.com
RE: IE7 Beta 2 Preview Open to DoS Attack by ddunk on 02-03-2006 at 04:26 AM
quote:
Originally posted by ValSpy
quote:
Originally posted by di3s3lx
u can download Ie Beta 2 in www.softonic.com The site is in Spanish so here are the instructions to download:
http://internet-explorer.softonic.com/ie/48797
Just click descargar, then descargar once again the one in the GREEN.
I think this is warez since your are not posting a microsoft/windows link here, someone wanna clear this up?
IE7 Beta 2 is a public beta. You should still download it from microsoft.com instead of a 3rd party site.
RE: IE7 Beta 2 Preview Open to DoS Attack by markee on 02-03-2006 at 09:48 AM
Follow this link for the microsoft.com download page for IE 7 BETA
http://www.microsoft.com/windows/IE/ie7/ie7betaredirect.mspx
And please note that it is always much safer to download programs from somewhere as trusted as microsoft.com, i would advise people not to follow links to 3rd party downloading sites for such a thing unless it has been noted by the creaters of the program that it is a safe mirror download page. Just my two cents. 
RE: IE7 Beta 2 Preview Open to DoS Attack by GiantSpider on 02-03-2006 at 10:16 AM
I did give a link in the original post you know.
RE: IE7 Beta 2 Preview Open to DoS Attack by Kryptonate on 02-03-2006 at 12:38 PM
it's not the only problem IE7 has with file://. I tried to open a local page in IE7 Beta 2 and it opens the page in FF. The strange thing is that it worked yesterday :/.
RE: IE7 Beta 2 Preview Open to DoS Attack by John Anderton on 02-03-2006 at 01:10 PM
I thought DoS meant when someone else causes your browser to crash 
This seems to be a resident problem 
And btw .... this is why this is beta eh ?
RE: IE7 Beta 2 Preview Open to DoS Attack by di3s3lx on 02-03-2006 at 02:01 PM
I havent had any problems using the IE7 b2. Besides if you have a good firewall and a good antivirus Attacking a computer is not impossible but it makes it difficult for the people or person to actually attack the DOS. Either way this is still a Beta meaning it has some bugs and only for those who want to test it out.
RE: IE7 Beta 2 Preview Open to DoS Attack by GiantSpider on 02-03-2006 at 02:26 PM
quote:
Originally posted by di3s3lx
good firewall and a good antivirus
OneCare
RE: IE7 Beta 2 Preview Open to DoS Attack by Kryptonate on 02-03-2006 at 02:48 PM
quote:First of all, OneCare is beta, so be carefull with it. It's not advised to be used by everybody. Only do it when you know what you're doing. It's best to install another av or firewall if you're looking for one like Avast! or Nod32 or mcAfee or ZoneAlarm....
Originally posted by tehGspider
OneCare
Also, there are already holes found in OneCare: http://neowin.net/index.php?act=view&id=32217
RE: IE7 Beta 2 Preview Open to DoS Attack by GiantSpider on 02-03-2006 at 02:54 PM
Krypo: It was a complete joke. Was comparing the holes in IE 7 to that of OneCare. I have seen that thing in action & it's like using something worse than AVG free edition. And I do use McAfee.