MobileRead Forums - View Single Post

sUnShInE · 06-29-2004, 02:53 PM

Important Notice: The U.S. government's Computer Emergency Readiness Team (US-CERT) is warning web surfers to stop using Microsoft's Internet Explorer (IE) browser and use a different browser after last week's sophisticated malware attack targeted a known IE flaw.

US-CERT, a non-profit partnership between the Department of Homeland Security (DHS) and the public and private sectors, was established in September 2003 to improve computer security preparedness and response to cyber-attacks in the U.S.

A vulnerability statement on the CERT site said: "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites." CERT otherwise recommends, among other things, that users set security settings to high and to disable Active scripting and ActiveX.

All over the net security researchers have spent a lot of time beating the "Dump IE" drum, and the CERT notice lends credibility to stoke the movement away from the "world's most popular browser".

More from Internet News and The Register.

Note: I realize that MobileRead users are smarter than the average netster, but I figured I'd pass this along to anyone who's still riding the holey IE train. Just because it came pre-installed on your computer, doesn't mean it's any good.

06-29-2004, 02:53 PM	#1
sUnShInE Drama Queen Posts: 784 Karma: 11712 Join Date: Nov 2002 Location: United States Device: Palm Tungsten T\|T3	Dump IE Important Notice: The U.S. government's Computer Emergency Readiness Team (US-CERT) is warning web surfers to stop using Microsoft's Internet Explorer (IE) browser and use a different browser after last week's sophisticated malware attack targeted a known IE flaw. US-CERT, a non-profit partnership between the Department of Homeland Security (DHS) and the public and private sectors, was established in September 2003 to improve computer security preparedness and response to cyber-attacks in the U.S. A vulnerability statement on the CERT site said: "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites." CERT otherwise recommends, among other things, that users set security settings to high and to disable Active scripting and ActiveX. All over the net security researchers have spent a lot of time beating the "Dump IE" drum, and the CERT notice lends credibility to stoke the movement away from the "world's most popular browser". More from Internet News and The Register. Note: I realize that MobileRead users are smarter than the average netster, but I figured I'd pass this along to anyone who's still riding the holey IE train. Just because it came pre-installed on your computer, doesn't mean it's any good.