Internet Explorer 6.1/7 virus vulnerability

May 15, 2013 at 22:48:44
Specs: Win 7

In the above thread, paulsep wrote:

paulsep May 15, 2013 at 20:50:52

When using the old Internet Explorer 6.1 or 7, it's a matter of time, your computer will get infected by a virus.

Can you explain why you think the vulnerability is so great as to be inevitable? How would a virus necessarily even be able to get to Internet Explorer in normal use?

I've been using various versions of Internet Explorer since the 1990's, and have yet to see any kind of malware attack via IE. I have seen horribly designed web pages, and lots of e-mails carrying what appeared to be worms. The e-mails just get
deleted and the worst the web pages do is require me to close and restart Internet Explorer.

-- Jeff, in Minneapolis

See More: Internet Explorer 6.1/7 virus vulnerability

Report •

May 16, 2013 at 01:53:28
Prior to having the Browser Choice option IE was the most used browser, and therefore those who created virus's, worm etc would target this browser because the probability of infecting a machine would be greater. They would find and exploit vulnerabilities in IE but microsoft have been quick to patch them.

Personaly i believe if you have a decent firewall and anti virus and regularly scan your machine, there is no reason for your machine to become infected.

I only ever use IE because its what i am used to and to date i am yet to be infected by a virus, I have a firewall on my Draytek Router, ZoneAlarm Pro as my windows firewall and AVG as my anti virus.

There is also the element of human interaction before your machine is infected, as you mention, you get emails but they get deleted, now if you went ahead and opened the email and clicked on the link or attachment, only then can your machine be infected, i dont think it can be totally automatic, i could be wrong though.

Anyways, any browser can be exploited thats a fact, i think IE being the more common was the one targeted most.

Report •

May 16, 2013 at 03:47:27
With Active-X controls and embedded Java script it is amazingly easy to embed a virus into a web page. A web page could contain an Java script that will download a virus without you ever knowing about it. That's how Trojans get installed and the secret of a good Trojan is not to let the user know they have been infected.

But sadly, a lot of people didn't know that and assumed that all they were getting was benign HTML.

As stated be the previous poster, IE was the most common browser, that was the one that was targeted the most. Since then, a lot of the vulnerabilities have been eliminated but with a bit of common sence any a good AV they could be neutralised..


Report •

May 16, 2013 at 13:30:42
Thanks to AlwaysWillingToLearn and StuartS.
There is nothing more to add.

Report •

Related Solutions

May 16, 2013 at 14:24:14
I don't think MS is supplying updates to those older versions of IE. So if there is a vulnerability, it may not get plugged.

Report •

May 16, 2013 at 14:57:43
"Prior to having the Browser Choice option IE was the most used browser"

It still is the "most used browser" for desktops:

"Personaly i believe if you have a decent firewall and anti virus and regularly scan your machine, there is no reason for your machine to become infected"

I disagree & StuartS pretty much covered the why/how in his 1st few sentences.

Report •

May 16, 2013 at 18:30:30
It doesn't matter, whether IE is or was the most used browser.
The fact is, that the ActiveX controls are non W3C standard (it's a Microsoft self cooked thing) and are the most vulnerable parts of IE.

Mozilla Firefox or Google Chrome e.g. are not less vulnerable, but do not support ActiveX, except using special plugin.
Addons like NoScript and AdBlock makes them more secure browsers.

Report •

May 17, 2013 at 03:18:31
I stand correctected i didnt think of that, thank you for the explaination, it makes perfect sense.

Report •

May 17, 2013 at 08:22:12
I'm trying to be convinced that there is a real and major
vulnerability, and I'm not convinced yet.

ActiveX and JavaScript are apparently being accused as
the two most vulnerable parts of Internet Explorer -- and
older versions of IE in particular -- while web browsing.
Is that correct?

Although I haven't connected it to the Internet much in the
last year, I do have an old (1997) laptop computer running
Windows 98 SE and Internet Explorer 5.5, which is the
most recent version the computer can handle. Until three
years ago when I built a new desktop computer with Win7,
I was browsing with that computer almost every day.

So, is it mostly luck that while browsing the web for hours
almost every day since the 1990's, none of my computers
has been infected by a virus?

-- Jeff, in Minneapolis

Report •

May 17, 2013 at 13:49:46
One of my systems dual boots Win7 & Mint Linux. I run MSE & Malwarebytes Pro, Windows firewall, my router firewall, plus use CCleaner regularly. About a week ago while browsing using IE10, a pop-up appeared on my screen & before I could even react, my system rebooted & I was greeted by the DOJ/FBI Ransomware screen. No way around it, not able to boot into safe mode. I booted into Mint, browsed the Windows partition & manually removed what I could find, but in the end had to resort to an Anvi Rescue CD to remove the ransomware screen. Even so, after the screen was removed, I was only able to boot to a black screen. I had to bring up Task Manager > New Task > Explorer to bring up the desktop. I was then able to run MSE & Malwarebytes to remove even more nasties, but that still didn't fix the black screen at startup. A little googling showed me which registry entries to edit & now I'm back in business. The infection (Trojans) was downloaded thru javascript from a questionable website I had visited. I knew the risk going in, thought I was well protected, but it jumped up & bit me. The fix might have been easier if I had system restore enabled, but I keep it disabled on all my systems. I enjoy the challenge.

Report •

May 17, 2013 at 15:57:24
Iv been using IE for donkeys years, i have AVG pro and ZoneAlarm pro running all the time as well as my Draytek Vigor firewall. Malwarebytes, spybot 2, superAntiSpyware and CCleaner are run manually. I cannot remember the last time any of these picked up a virus/trojan.

Just before Christmas i recieved a machine with the Met Police virus, i imagine its similar to the FBI, but cannot be sure. Anyways i managed to remove it pretty quick.

I tried to install this on my machine just for fun but Both ZoneAlarm kicked in and asked if i wanted to allow a program access to my machine, cannot quite remember the exact program, but i denied it, but later allowed it to gain access to see what would happen, obviously it installed the Met Police trojan/virus. I will add that it was not a downloaded applicationit was more like a web page pop up message kind of "click here to install" so basically what i am getting at is, there are ways to protect yourself, hell i know my macine is clean and has been for years. I pick up the odd tracking cookie but no PUPs, trojans or virus's. i do visit the odd questionable sites now and then in search for apps, music or films, maybe im just lucky. The guys above have more knowledge than me in this subject and in fact make a very valid point however id like to ask a question, wouldnt a good firewall ask you before any ActiveX component was installed ir run on your machine?

Report •

May 17, 2013 at 17:32:43

I don't believe firewalls ever ask questions. They just do
what they've been told to do. Maybe you meant some other
type of security program like Windows Defender?

Your mention of "click here to install" reminded me of
another question:

I have many times read that questionable popups can carry
malware, so one should close them, not open them, but if
the purpose of the popup is to spread malware, why not just
make the "close" button install the malware, in addition to
the "open" button? And for that matter, if the popup can pop
up without the user doing anything, why wait for the user to
click on it to start installing the malware, why bother with the
popup at all, why not just go ahead and install the malware?

-- Jeff, in Minneapolis

Report •

May 21, 2013 at 03:04:50

Just to clarify, firewalls do in fact ask questions, that is how they configure the rules which specify which application can and cannot have access to the internet or system recources. ZoneAlarm constantly will ask me if an application can have access to the net or my system. for example, if i install a new piece of software, because the setup file is able to start installation, ZoneAlarm will say "xxxxx is trying to run or gain access to my system" Do i want to allow or deny this, and the same is true for applications that either try to authenticate over the internet or even update.

Report •

Ask Question