The most-worrisome security flaw revealed by the Pwn2Own contest was the Internet Explorer 8 hack. Dutch researcher Peter Vreugdenhil won $10,000 by circumventing Windows 7’s two best anti-malware controls, Address Space Load Randomization (ASLR) and Data Execution Prevention (DEP).

An independent security expert, Vreugdenhil immediately published a paper, available on his Web site, describing in general terms how he did it. (He states he will not publicly reveal the exact exploits used.) He was able to take over a fully up-to-date Windows 7 system in two steps. First, he managed to evade ASLR and get the memory address of a Windows 7 .dll file. Next, he disabled DEP by using a previously known exploit.

Circumventing DEP is especially troubling: Microsoft relies heavily on DEP to keep out new malware that’s unknown to antivirus applications — so-called zero-day attacks.

A March 30 Microsoft Security Response Center bulletin announced the unscheduled release of an Internet Explorer update. According to the bulletin, this release was not related to the IE 8 vulnerability revealed at CanSecWest (which Microsoft is still investigating) but is a cumulative security patch for all versions of Internet Explorer.

Security Bulletin MS10-018 (980182) is marked critical, addresses 10 Internet Explorer security flaws, and should be installed as soon as possible. For more on this and a large Apple patch release, see contributing editor Susan Bradley’s Patch Watch column in today’s paid content.

Extracted from windowssecrets

Possibly Related Posts:

• Which browser is more Secured?
• The ‘Internet Fraud Alert’ System
• Did you know?
• Internet Explorer 8 is now the world’s most used browser
• IE Tweaker in Japanese Version soon

A new article was added to IETips - “Unable to play online games or watch YouTube Videos after upgrading to IE8“

Possibly Related Posts:

• Thanks for the feedback on IE Tweaker
• Seasons Greetings from IETips.net
• Quero Toolbar - Review
• IE8 crashes at startup
• IE8 running with add-ons disabled

Windows 7 allows you to disable/uninstall Internet Explorer. Follow the steps outlined below:

1. Goto Control Panel and find out the “All Control Panel Options”
2. Click “Programs and Features”
3. Click “Turn Windows Features On or Off” in the left pane.
4. Find out Internet Explorer 8 listed in the program list.
5. uncheck the option.

Click OK and rebook the system.

Once the system is restarted, you will not see any instances of IE8.

Possibly Related Posts:

• Which browser is more Secured?
• The ‘Internet Fraud Alert’ System
• IE 8 gets new breach — and a new patch
• Did you know?
• Internet Explorer 8 is now the world’s most used browser

Issue - After upgrading to Internet Explorer 8, you may experience the “Internet Explorer is currently running with add-ons disabled. Click here to manage” message as shown in the below screen shot:

Cause - This issue happens because of one of the following:

• Upgrading to Internet Explorer 8 from Internet Explorer 7 when some of the tool bars are enabled.
• IE is running under a normal user account which doesn’t have administrative rights.

Resolution - To resolve this issue, perform the steps mentioned below:

Step # 1:

1. Open Internet Explorer
2. Click Tools, Internet Options
3. Click Advanced tab, and then click Reset.
4. Follow the on-screen directions.
5. Close and re-open Internet Explorer.

Step # 2:

1. Click Start, Right-click the IE icon
2. Click “Properties”
3. Click Shortcut tab
4. Click “Advanced” button
5. Check the box that says “Run as administrator”
6. Click OK.

Step # 3:

1. Click Start
2. Right-click Internet Explorer icon
3. Click Properties
4. Ensure that -extoff switch is not added. Incase, if you find the -extoff, simply select and remove
5. Click OK.

Step # 4:

Goto Add or Remove programs and uninstall any Toolbars installed such as Developer Toolbar, Yahoo! or google toolbar.

Restart the Internet Explorer and you may browse with Add-ons enabled.

Possibly Related Posts:

• Internet Explorer 9 TestDrive
• 10 tips to increase the performance in Internet Explorer
• 10 tips to increase the performance of IE
• Unable to open https:// or Secured web sites after upgrading to Internet Explorer 8
• Gmail Attacks - Aurora - Fix by MS Patch

I was surprised to see an article by Scott in beta news website, where he mentions that the Security fixes, and JavaScript update will bog down IE8. He mentions in the article that they have noticed a trend of IE8 performance dragging down over time, while every other major Windows browser in the field was headed the other direction — and fast. Early this month, when Firefox 3.6 Beta 1 appeared imminent (and still is at this moment), we calculated the performance difference between IE8 and IE7 at about 75%.

However, after installing the security fixes that was released in the month of October, and the update for Microsoft’s JavaScript (JScript) engine, the performance has averaged down to 54%.

I hope Microsoft will further look in at these issues and present a browser which will compete with other browsers.

Read out the entire article @ LINK

Possibly Related Posts:

• Which browser is more Secured?
• The ‘Internet Fraud Alert’ System
• IE 8 gets new breach — and a new patch
• Did you know?
• Internet Explorer 8 is now the world’s most used browser