Full Disclosure mailing list archives
Re: IE Web Browser: "Sitting Duck"
From: Georgi Guninski <guninski () guninski com>
Date: Wed, 30 Jun 2004 12:46:13 +0300
since CERT are "federally funded" does their advise mean it is "un-American" to use internet explorer? georgi On Tue, Jun 29, 2004 at 09:25:32AM -0500, Edge, Ronald D wrote:
Even CERT has issued an advisory that is really quite amazing in its bluntness: http://www.kb.cert.org/vuls/id/713878 which was last updated June 25, 2004 in the wake of the download.ject attack by what appears to have been Russian criminal gangs out of a web site now shut down in Russia. "Use a different web browser" "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites. Such a decision may, however, reduce the functionality of sites that require IE-specific features such as DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control, or the HTML rendering engine (MSHTML). "
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IE Web Browser: "Sitting Duck" Edge, Ronald D (Jun 29)
- Re: IE Web Browser: "Sitting Duck" Georgi Guninski (Jun 30)