Important Notice: The U.S. government's Computer Emergency Readiness Team (US-CERT) is warning web surfers to stop using Microsoft's Internet Explorer (IE) browser and use a different browser after last week's sophisticated
malware attack targeted a known IE flaw.
US-CERT, a non-profit partnership between the Department of Homeland Security (DHS) and the public and private sectors, was established in September 2003 to improve computer security preparedness and response to cyber-attacks in the U.S.
A
vulnerability statement on the CERT site said: "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites." CERT otherwise recommends, among other things, that users set security settings to high and to disable Active scripting and ActiveX.
All over the net security researchers have spent a lot of time
beating the "Dump IE" drum, and the CERT notice lends credibility to stoke the movement away from the "world's most popular browser".
More from
Internet News and
The Register.
Note: I realize that MobileRead users are smarter than the average netster, but I figured I'd pass this along to anyone who's still riding the holey IE train. Just because it came pre-installed on your computer, doesn't mean it's any good.