More IE Vulnerabilities Surface

Subject: More IE Vulnerabilities Surface
From: Gary Stoneburner <gary.stoneburner@nist.gov>
Date: Mon, 10 Nov 2003 13:53:23 -0500
Content-Type: multipart/alternative; boundary="=====================_16888625==.ALT"

re: http://www.techweb.com/wire/story/TWB20031107S0007

"Internet Explorer users are again potentially at risk, this time from hackers who have posted exploits that have the ability to insert malicious code onto systems running Microsoft's Web browser."

"Huger's advice was to ratchet up the security of Internet Explorer by disabling such features as Java and active scripting, and forbidding ActiveX controls from running when the browser encounters them at a Web site. "But that makes your browser pretty cumbersome to use,"he admitted. "

You just aren't going to keep up with the problems by "penetrate and patch". It really does boil down to either (a) suffer a loss by getting hacked or (b) suffer a loss by forgoing desired functionality. A loss of some kind is just inevitable.

Cheers,
Gary

************************************************************************** * Opinions expressed are not intended to reflect an official position ************************************************************************** * Gary Stoneburner
* Computer Security Division, National Institute of Standards & Technology
* 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930
* Phone: 301-975-5394, FAX: 301-948-0279, Email: Stoneburner@nist.gov
* http://csrc.nist.gov/staff/stoneburner/gshome.html
**************************************************************************

Prev by Date: Microsoft to shoot Messenger in next update
Next by Date: The computer virus--no cures to be found
Prev by thread: The computer virus--no cures to be found
Next by thread: Microsoft to shoot Messenger in next update

Date Index | Thread Index | Problems or questions? Contact list-master@nist.gov