Internet Explorer critical flawDate: March 24, 2006
Source: Washington Post
Microsoft acknowledged the previously undisclosed flaw in a blog posting earlier this week, in which it urged users to practice "safe browsing practices" -- such as only visiting trusted Web sites. I'd like to offer my two cents, which is that Security Fix readers who use Windows consider downloading and using a different browser, like Firefox, Netscape or Opera.
That advice is not to suggest that these browsers are free from security flaws. It's just that you're not anywhere near as likely to see attackers exploiting them to install software you don't want on your PC.
If you don't believe me, read the story I wrote last week about the scourge of keyloggers still being foisted upon IE users who haven't yet applied a patch that Microsoft made available in January. For nearly two weeks prior to that patch release, thousands of Web sites were either using the flaw on their own to install spyware, or were being hacked and seeded with exploit code to unwittingly infect visitors who came to the sites with vulnerable versions of IE.
In considering whether to use IE for regular Web browsing, I think it's important to keep in mind that exploits like these tend to be discovered by individuals in the hacker underground and used for a spell -- if not sold -- before they become public for profit-making ventures, such as the installation of adware and password-stealing programs like keystroke loggers.
Add comment Email to a Friend
|Discussion is closed - view comments archieve|
|2006-03-24 07:21:42 - If you're using the new refresh of the IE7... Duke|
|Total 1 comments|