smoe.org mailing lists
ivan@stellysee.de
From | "bryan" <munki100@pacbell.net> |
Subject | U.S. Steers Consumers Away From I.E. |
Date | Mon, 12 Jul 2004 17:27:35 -0700 |
[Part 1 text/plain iso-8859-1 (1.8 kilobytes)]
(View Text in a separate window)
> Go with Safari if you can.
> I am rapidly seeing that as my cure for all ills.
> (plus a great pop up blocker)
Check this out, Boris --
Technology - TechWeb -- YAHOO NEWS
http://tinyurl.com/yrq6j
U.S. Steers Consumers Away From IE
Loring Wirbel, EE Times
The Department of Homeland Security's U.S.
Computer Emergency Readiness Team touched
off a storm this week when it recommended for
*security reasons* using browsers *other than*
Microsoft Corp.'s Internet Explorer.
The Microsoft browser, the government warned,
cannot protect against vulnerabilities in its Internet
Information Services (IIS) 5 server programs,
which a team of hackers allegedly based in Russia
has exploited with a Java script that is appended to
Web sites.
The particular virus initiated this week inserts Java
script into certain Web sites. When users visit those
sites, it initiates pop-up ads on home and office
computers, and allows keystroke analysis of user
information. The target is believed to be credit card
numbers. CERT estimated that as many as tens of
thousands of Web sites may be affected.
CERT said vulnerabilities in IIS and IE could include
MIME-type determination, the DHTML object model,
the IE domain/zone security model and ActiveX scripts.
Alternative browsers such as Mozilla or Netscape may
not protect users, the agency warned, if those browsers
invoke ActiveX control or HTML rendering engines.
The only defense may be completely disabling scripting
and ActiveX controls.
Microsoft said earlier in the week it is working with law
enforcement officials to identify the source of the latest
Internet virus.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.719 / Virus Database: 475 - Release Date: 7/12/04
For assistance, please contact
the smoe.org administrators.