BetaNews: Microsoft is finally ready to kill off Internet Explorer once and for all… for most people

BetaNews: Microsoft is finally ready to kill off Internet Explorer once and for all… for most people. “Internet Explorer may be a stalwart of the world of web browsers, but it has also been an object of ridicule and derision for pretty much its entire life. Since the emergence of the Chromium-based Microsoft Edge, the writing has been on the wall for the browser just about everyone loves to hate, but IE has been lingering for longer than many people would have expected. But now Microsoft is finally ready to pull the plug. Sort of.”

BetaNews: Microsoft is finally ditching Internet Explorer and legacy Edge

BetaNews: Microsoft is finally ditching Internet Explorer and legacy Edge. “With Internet Explorer having shown its age for a very long time, and with Microsoft pushing out the new Chromium-based version of Edge, it is little wonder that the company is ready to kill off its older browsers. Microsoft has now set out its timetable for sunsetting legacy Edge in Windows 10 and the dropping of support for Internet Explorer. The changes start later this year, and in twelve months’ time the process of moving on will be complete — from Microsoft’s point of view, at least.”

Bleeping Computer: Microsoft’s IE Zero-day Fix is Breaking Windows Printing

Bleeping Computer: Microsoft’s IE Zero-day Fix is Breaking Windows Printing. “Unfortunately, the scope of issues being caused by applying this fix is greater than originally thought. Since applying this fix, many users have reported that this fix is also causing printing to fail on HP printers and other USB printers. When users attempt to print they receive I/O errors and the print jobs fail.”

Lifehacker: Block Internet Explorer’s Latest Vulnerability With This Workaround

Lifehacker: Block Internet Explorer’s Latest Vulnerability With This Workaround. “Microsoft disclosed a troublesome vulnerability in Internet Explorer last week, affecting various permutations of Internet Explorer 9, 10, and 11 across Windows 7, 8.1, and Windows 10 (as well as various editions of Windows Server). The bad news is that Microsoft won’t likely patch this problem until February—when the next major batch of security updates hits. Thankfully, there are a few workarounds you can use right now to keep yourself safe from this new remote code execution vulnerability.”

BetaNews: 0patch releases micropatch for Internet Explorer vulnerability — including for Windows 7

BetaNews: 0patch releases micropatch for Internet Explorer vulnerability — including for Windows 7. “At the end of last week, a serious vulnerability was discovered in Internet Explorer, affecting all versions of Windows. Not only is the bug (CVE-2020-0674) being actively exploited, but for Windows 7 users the vulnerability was exposed right after their operating system reached the end of its life. Even for users of newer versions of Windows, and despite the severity of the security flaw, Microsoft said it would not be releasing a patch until February. Stepping in to plug the gap comes 0patch with a free micropatch for all versions of Windows affected by the vulnerability.” Third party patches make me wary (this is not because of 0patch, but just in general) but if you don’t want to wait until February…

The Register: It’s Friday, the weekend has landed… and Microsoft warns of an Internet Explorer zero day exploited in the wild

The Register: It’s Friday, the weekend has landed… and Microsoft warns of an Internet Explorer zero day exploited in the wild. “Microsoft let slip on Friday an advisory detailing an under-attack zero-day vulnerability (CVE-2020-0674) for Internet Explorer. The scripting engine flaw can be exploited to gain remote code execution on a vulnerable machine by way of a specially crafted webpage. The flaw can be mitigated by restricting access to the JavaScript component JScript.dll, and thus far there is no patch available.”

Ars Technica: Ex-YouTube engineer reveals how video site worked to kill off Internet Explorer 6

Ars Technica: Ex-YouTube engineer reveals how video site worked to kill off Internet Explorer 6. “Though YouTube had been under Google’s ownership for about three years, YouTube’s engineers were suspicious and wary of being integrated into Google’s corporate machine. They had their own special set of permissions named ‘OldTuber,’ and anyone with OldTuber permissions could freely modify the YouTube site without going through Google’s usual change management process of code reviews, testing, adherence to coding standards, and so on. It was cowboy territory, where developers could do as they liked. Only the risk of breaking things—and hence losing OldTuber permissions, if not their job—kept them on the straight and narrow. The OldTubers decided that they’d show a banner to Internet Explorer 6 users.”

Digital Trends: Internet Explorer zero-day exploit makes files vulnerable to hacks on Windows PCs

Digital Trends: Internet Explorer zero-day exploit makes files vulnerable to hacks on Windows PCs. “There were already a number of reasons to not use Internet Explorer. But if you needed another one, here it is. According to ZDNet, a security researcher named John Page has published evidence of an Internet Explorer zero-day exploit that renders Windows PCs vulnerable to having their files stolen by hackers.”

Ars Technica: Internet Explorer bug leaks whatever you type in the address bar

Ars Technica: Internet Explorer bug leaks whatever you type in the address bar. “There’s a bug in the latest version of Internet Explorer that leaks the addresses, search terms, or any other text typed into the address bar. The bug allows any currently visited website to view any text entered into the address bar as soon as the user hits enter. The technique can expose sensitive information a user didn’t intend to be viewed by remote websites, including the Web address the user is about to visit. The hack can also expose search queries, since IE allows them to be typed into the address bar and then retrieved from Bing or other search services.”

Google Releases Information About Another Microsoft Security Vulnerability

Google has let the cat out of the bag about another Windows vulnerability.. “Google’s Project Zero research team has actively been detecting vulnerabilities in Microsoft’s software products for quite some time…. Just a few days ago, it disclosed yet another vulnerability in Windows, however, this time after its standard 90-day deadline had passed. Now, the company has revealed yet another weakness in Microsoft’s software products, and this time, the flaw pertains to Edge and Internet Explorer, which means that it does not only impact Windows 10 but other iterations of the operating system as well.”