Zero day IE vulnerability. Affects all OS's. XP users not to get a fix. - Update published

HAL9000
Message 1509628 - Posted: 28 Apr 2014, 19:04:27 UTC

If you are still using IE on your XP crunchers it would probably be a good time to find a new browser.
"A new zero day vulnerability has been found to affect every version of Internet Explorer"
See also MS SA 2963983

Other OS users should keep an eye out for a security update.
SETI@home classic workunits: 93,865 CPU time: 863,447 hours
Join the BP6/VP6 User Group: http://tinyurl.com/8y46zvu

Link
Message 1509660 - Posted: 28 Apr 2014, 20:42:40 UTC - in response to Message 1509628.  

If you are still using IE on your XP crunchers it would probably be a good time to find a new browser.

Currently this applies actually to all IE versions, not only those on Windows XP. The difference is that Vista/7/8 users will get an update one day and XP users will not.

A good time to find a new browser was a long time ago, around the time when IE6 was the current version and Microsoft didn't bother to improve it and Firefox 1.x came out. IE 10 and 11 are OK, but regardless of this current issue I wouldn't use IE8, which is the latest version available for WinXP.

OzzFan
Message 1509668 - Posted: 28 Apr 2014, 20:56:54 UTC

Another zero-day vulnerability in Flash which threatens all users of Windows, Mac OS X, and Linux alike.

BilBg
Message 1509701 - Posted: 29 Apr 2014, 0:12:49 UTC - in response to Message 1509668.  
Last modified: 29 Apr 2014, 0:48:04 UTC


At the moment I have Flash Player 13.0.0.182 (installed on 10.04.2014, both active_x and plugin)
The current version now is 13.0.0.206
http://www.adobe.com/software/flash/about/


http://helpx.adobe.com/en/flash-player/release-note/fp_13_air_13_release_notes.html
"April 28th, 2014
In today's release we are updating Flash Player with an important security update. We recommend users upgrade to this release."

I don't know if this info means the fix for this vulnerability is already done in version 13.0.0.206


I like to get offline Flash Player clean installers from the links below
(only the major version number needs editing when they release e.g. version 14):

Flash Player for Internet Explorer
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_active_x.exe
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_13_active_x.exe

Flash Player for other browsers
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_plugin.exe
http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_13_plugin.exe


The flash_player_13 files have 'Signing time:' 19.04.2014 (active_x) and 21.04.2014 (plugin) which means the .exe was ready on this date
(if it was ready 7-9 days ago, why did they need a full week for testing before release?)


Edit:
They talk about CVE-2014-0515 which seems ;) not the same as CVE-2014-1776 from your link to arstechnica.com page
http://helpx.adobe.com/security/products/flash-player/apsb14-13.html

But this page seems to indicate the same problem from arstechnica (mentions Pixel Bender, Kaspersky, and written by Vyacheslav Zakorzhevsky) and calls it CVE-2014-0515
https://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacks


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 

HAL9000
Message 1509743 - Posted: 29 Apr 2014, 4:03:01 UTC - in response to Message 1509660.  

If you are still using IE on your XP crunchers it would probably be a good time to find a new browser.

Currently this applies actually to all IE versions, not only those on Windows XP. The difference is that Vista/7/8 users will get an update one day and XP users will not.

Indeed. Which is why I mentioned it in the title & at the end of my post.

A good time to find a new browser was a long time ago, around the time when IE6 was the current version and Microsoft didn't bother to improve it and Firefox 1.x came out. IE 10 and 11 are OK, but regardless of this current issue I wouldn't use IE8, which is the latest version available for WinXP.

It definitely was, but so many people still cling to IE for some reason. IE still claims nearly 50% of the browser market share.

James Sotherden
Message 1509773 - Posted: 29 Apr 2014, 5:50:45 UTC

Two of my 3 computers I just switched over to Google Chrome. The other one was running it. So is Adobe Flash the weak point in this exploit?

My daily driver, which has a ton of bookmarks, I can't seem to import into Chrome. I'm sure that will make the wifey real happy.

My two I7 3770 can stay on Chrome. They only get used for crunching and when the grandkids come over.

Nobody likes to change in mid stroke. When a fix is done I will go back to IE on this Vista daily driver. Only for the sake of peace in the house. And to be honest I never have had any problems with any version of IE.

Old James

Cosmic_Ocean
Message 1509788 - Posted: 29 Apr 2014, 6:31:55 UTC - in response to Message 1509660.  

A good time to find a new browser was a long time ago, around the time when IE6 was the current version and Microsoft didn't bother to improve it and Firefox 1.x came out.

Agreed. I held onto 2000 Pro until around the time Vista came out, and then finally moved up to XP, and the one and only time I used IE in XP: to pull up getfirefox.com.
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)

Bernie Vine
Message 1509873 - Posted: 29 Apr 2014, 9:35:20 UTC

For those of you who like things just a little more secure, have a look at these

Comodo Dragon based on chrome.

OR

Ice Dragon based on Firefox

These are the only browsers I use these days.

TBar
Message 1509879 - Posted: 29 Apr 2014, 9:52:36 UTC - in response to Message 1509873.  
Last modified: 29 Apr 2014, 10:05:15 UTC

Look at that, AntiVirus for Ubuntu...


Virus Protection - Comodo Antivirus for Linux

First one I've seen. Although I really haven't been looking. They also have a Free AntiVirus for all Windows Except XP, you have to PAY for XP AntiVirus. I wonder if it's better than AVG.

BilBg
Message 1509951 - Posted: 29 Apr 2014, 15:08:20 UTC - in response to Message 1509788.  
Last modified: 29 Apr 2014, 15:09:02 UTC

... and the one and only time I used IE in XP: to pull up getfirefox.com

The problem is some stupid programs start IE despite you having another browser set as default (but this is rare, happens 1-2 times a year so I don't remember which programs do that)

 



BilBg
Message 1509962 - Posted: 29 Apr 2014, 15:30:44 UTC - in response to Message 1509879.  

Look at that, AntiVirus for Ubuntu...
... First one I've seen. Although I really haven't been looking.

Of course there are others:
https://help.ubuntu.com/community/Antivirus
http://www.makeuseof.com/tag/free-linux-antivirus-programs/

http://www.eset.com/me/home/products/antivirus-linux/?productdd=1
http://www.kaspersky.com/product-updates/linux-file-server-antivirus
 



HAL9000
Message 1510038 - Posted: 29 Apr 2014, 21:38:25 UTC - in response to Message 1509788.  

A good time to find a new browser was a long time ago, around the time when IE6 was the current version and Microsoft didn't bother to improve it and Firefox 1.x came out.

Agreed. I held onto 2000 Pro until around the time Vista came out, and then finally moved up to XP, and the one and only time I used IE in XP: to pull up getfirefox.com.

A slightly safer way to download your preferred alternative browser if you like.

You can stuff that into a command line ftp script if you like as well:
open ftp.mozilla.org
anonymous

binary
cd pub/firefox/releases/21.0/win32/en-US/
get "Firefox Setup 21.0.exe"

Then you just have to type "ftp -s:get_ff.txt" & a few seconds later you have it ready to install.
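
The download above runs over anonymous FTP, which authenticates neither the server nor the file, so the check that matters is on the installer itself. As an added example (not code from any poster), this PowerShell function validates the Authenticode signature, the same signature whose 'Signing time' is quoted earlier in the thread, and optionally a SHA-256 value; `Test-Installer`, its parameters and the placeholder publisher text are assumptions.

```powershell
# Added example; Test-Installer and the sample values are hypothetical.
function Test-Installer {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        # Text expected in the signer certificate's subject (assumption: you
        # know the publisher name the vendor signs with).
        [Parameter(Mandatory = $true)][string]$ExpectedPublisher,
        # Optional hex SHA-256 obtained over a trusted channel.
        [string]$ExpectedSha256
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }
    $full = (Resolve-Path -LiteralPath $Path).ProviderPath

    # 'Valid' means the file's hash matches its embedded signature and the
    # certificate chains to a trusted root. An unsigned or altered download
    # shows up as 'NotSigned' or 'HashMismatch'.
    $sig = Get-AuthenticodeSignature -FilePath $full
    if ($sig.Status -ne 'Valid') {
        return "REJECT: signature status is $($sig.Status)"
    }

    # A valid signature from someone else is still the wrong file.
    $subject = $sig.SignerCertificate.Subject
    if ($subject.IndexOf($ExpectedPublisher, [StringComparison]::OrdinalIgnoreCase) -lt 0) {
        return "REJECT: unexpected signer: $subject"
    }

    if ($ExpectedSha256) {
        # .NET hashing avoids depending on Get-FileHash (PowerShell 4.0+).
        $sha = [System.Security.Cryptography.SHA256]::Create()
        $stream = [System.IO.File]::OpenRead($full)
        try {
            $actual = [BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', ''
        } finally {
            $stream.Dispose()
        }
        # String -ne is case-insensitive in PowerShell, so hex case is ignored.
        if ($actual -ne $ExpectedSha256.Trim()) {
            return "REJECT: SHA-256 mismatch, got $actual"
        }
    }
    return "OK: valid signature from $subject"
}

# Example call (file name from the post above; publisher text is a placeholder):
# Test-Installer -Path '.\Firefox Setup 21.0.exe' -ExpectedPublisher '<publisher name>'
```
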
OzzFan
Message 1510049 - Posted: 29 Apr 2014, 21:51:04 UTC - in response to Message 1510038.  

Does that anonymous login have a password or is it blank? Also, I notice you elevated your CMD session... is that required or can you run CMD, CD into your Downloads folder and download it there?

HAL9000
Message 1510066 - Posted: 29 Apr 2014, 22:31:27 UTC - in response to Message 1510049.  

Does that anonymous login have a password or is it blank? Also, I notice you elevated your CMD session... is that required or can you run CMD, CD into your Downloads folder and download it there?

Anonymous is normally a blank password. Sometimes a server may require something like an e-mail address for a password where you can normally just use something like nobody@home.net so it matches the pattern.
I am unsure if an elevated command line is required. I choose to be unsafe & disable UAC. It may work non-elevated. If not then it is probably required.

OzzFan
Message 1510096 - Posted: 30 Apr 2014, 0:20:42 UTC - in response to Message 1510066.  

Ah ok. I usually use "ftp -A" when using non-password protected anonymous logins.

Thomas
Message 1510177 - Posted: 30 Apr 2014, 5:46:39 UTC


Sami
Message 1510191 - Posted: 30 Apr 2014, 6:34:44 UTC - in response to Message 1509951.  

The problem is some stupid programs start IE despite you having another browser set as default (but this is rare, happens 1-2 times a year so I don't remember which programs do that)


Boinc is one of those programs. I have SeaMonkey as a default browser but Boinc still starts IE. Or is this a Win 8.1 issue?

James Sotherden
Message 1510196 - Posted: 30 Apr 2014, 6:45:27 UTC - in response to Message 1510191.  
Last modified: 30 Apr 2014, 6:46:44 UTC

The problem is some stupid programs start IE despite you having another browser set as default (but this is rare, happens 1-2 times a year so I don't remember which programs do that)


Boinc is one of those programs. I have SeaMonkey as a default browser but Boinc still starts IE. Or is this a Win 8.1 issue?

All 3 of my crunchers start in Chrome.

Edit: I'm running two with Win 7 and one in Vista.

OzzFan
Message 1510247 - Posted: 30 Apr 2014, 11:39:42 UTC - in response to Message 1510191.  

I have SeaMonkey as a default browser but Boinc still starts IE. Or is this a Win 8.1 issue?


There are two different zero-day exploits: one for IE (all versions from 6 to 11) and one for Adobe Flash.

BOINC simply calls the default browser as specified by the OS. Some browsers don't properly set themselves as default. To make sure your browser is set properly, click on Start -> Default Programs -> Set Program Access and Computer Defaults, then expand the custom section, look for the "Choose a default web browser:" and make sure the correct one is selected there (don't just leave it on "Use my current web browser").

Once this is done, the correct web browser will be launched by BOINC (or rather by the OS, which is making the call).

Sami
Message 1510260 - Posted: 30 Apr 2014, 13:23:30 UTC - in response to Message 1510247.  

I have SeaMonkey as a default browser but Boinc still starts IE. Or is this a Win 8.1 issue?


BOINC simply calls the default browser as specified by the OS. Some browsers don't properly set themselves as default. To make sure your browser is set properly, click on Start -> Default Programs -> Set Program Access and Computer Defaults, then expand the custom section, look for the "Choose a default web browser:" and make sure the correct one is selected there (don't just leave it on "Use my current web browser").


Not sure where to go (I use the Finnish version of Windows), but I did find the place to change the settings. Boinc now uses SeaMonkey. Thanks.