Anti-Internet Explorer 6 protests grow with online petition

General Topics
1

http://www.theregister.co.uk/2010/02/02/internet_explorer_6_petition/
http://petitions.number10.gov.uk/ie6upgrade/

2

I think they’re holding onto IE6 so they can sue MS again… ;D ;D

3

Seem that they like to use Internet Explorer to download viruses :frowning:

4

I really don’t understand why some people refuse to move up to IE 8.

5

same like some (there was one here not so long ago) swear they will use Windows 98… (others XP ;D ) for the rest of their life, they’ve seen something working, and they’re afraid to change. That’s a very wide spread behavior since so many acquired PCs just to browse the web, they don’t want to change anything set originally by the constructor (the OEM) on their new “TV”…so if it came with IE6, they’d rather die than update it, out of scare that the “TV” would work anymore; could break the Internet channel etc…

6

Hi Logos,

But now we get word that the last two MS defence bastions for IE7 and IE8 also has been overcome by hackers. Yes, by exploiting weaknesses in Adobe Systems’ Flash Player, researchers have devised two separate attacks that bypass mitigations Microsoft put into IE 7 and 8. Known as ASLR, or address space layout randomization, and DEP, or data execution prevention, the technologies are designed to lessen the severity of bugs by making it hard for them to cause the execution of malicious code.

Both techniques wield the so-called just-in-time compiler in Flash so that a computer’s memory is blanketed with large chunks of identical shellcode. The “JIT-spray” allows attackers to overcome ASLR, which normally thwarts execution by picking a different memory location to load system components each time an operating system is started. (source: http://www.theregister.co.uk/2010/02/03/microsoft_windows_protection_bypass/ )

This will be rather difficult for MS to overcome because, one of the hackers told: “A change in the memory allocator could prevent” JIT-spraying," he said. “That is, I think, way too complex to do. I don’t think we’re going to see that happen anytime soon.” So a follow up of heap spraying is there,
just have to wait until this is coming to malware in the wild. Maybe this was also a reason to drop Flash in HTML5, the abuse of functionality in Flash sank browser security here,

polonus