| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040630094613.GA2670@sivokote.iziade.m$> From: guninski at guninski.com (Georgi Guninski) Subject: IE Web Browser: "Sitting Duck" since CERT are "federally funded" does their advise mean it is "un-American" to use internet explorer? georgi On Tue, Jun 29, 2004 at 09:25:32AM -0500, Edge, Ronald D wrote: > Even CERT has issued an advisory that is really quite amazing in its > bluntness: > http://www.kb.cert.org/vuls/id/713878 > which was last updated June 25, 2004 in the wake of the download.ject > attack by what appears to have been Russian criminal gangs out of a web > site now shut down in Russia. > > "Use a different web browser" > "There are a number of significant vulnerabilities in technologies > relating to the IE domain/zone security model, the DHTML object model, > MIME type determination, and ActiveX. It is possible to reduce exposure > to these vulnerabilities by using a different web browser, especially > when browsing untrusted sites. Such a decision may, however, reduce the > functionality of sites that require IE-specific features such as DHTML, > VBScript, and ActiveX. Note that using a different web browser will not > remove IE from a Windows system, and other programs may invoke IE, the > WebBrowser ActiveX control, or the HTML rendering engine (MSHTML). " >
Powered by blists - more mailing lists