https://bugzilla.wikimedia.org/show_bug.cgi?id=40328
Web browser: ---
Bug #: 40328
Summary: Upgrade visitors' computers running Windows/MSIE 6,7,8
or 9 to a secure browser
Product: Wikimedia
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: Site configuration
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected], [email protected]
Classification: Unclassified
Mobile Platform: ---
According to a Microsoft Advisory, the browser software "Internet Explorer"
allowes remote code execution in almost all currently deployed versions and
operating systems. http://technet.microsoft.com/en-us/security/advisory/2757760
This should account for roughly 25% of our traffic at Wikimedia web sites.
http://stats.wikimedia.org/wikimedia/squids/SquidReportClients.htm
Couldn't we just upgrade those visitors' machines with a decent reliable
browser, such as Firefox or Chrome or Opera, maybe with the help of framework
software such as
https://community.rapid7.com/community/metasploit/blog/2012/09/17/lets-start-the-week-with-a-new-internet-explorer-0-day-in-metasploit?
If applicable criminal law or established moral or ethical standards do not
permit remote software upgrades via this path, we could at least consider
displaying a warning for visitors to use one of the suggested strategies to
deal with such a major browser security issue.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
