Todd Towles wrote:
He can buy a product..or do a super fast rollout of SP2..but why should
he? Microsoft should write better products...period. Everytime a Firefox
exploit comes out..there is already a fix...is that magic? No..it is
good coding...
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rafel Ivgi, The-Insider
Sent: Friday, November 12, 2004 8:09 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
If you do have 14000 machines why don't you buy "Finjan's Vital Security For Web"?
It will filter all malicious I.E exploits for all its surfers(its a proxy, quite fast...)
Or just use SUS(system update server (microsoft)) just like any other administrator... to install sp2 or to just replace the c:\windows\system32\shdocvw.dll with the patched one or with sp2 one...
Rafel Ivgi, The-Insider Security Consultant Malicious Code Research Center (MCRC) Finjan Software LTD E-mail: [EMAIL PROTECTED] --------------------------------- Prevention is the best cure! ----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, November 12, 2004 12:46 PM Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
Oh yeah, I've got 14,000 Windows 2000 machines to update to windows XP SP2,
hang on wheres that CD?
So thanks for your infinate wisdom there Rafel.
Colin.
"Rafel Ivgi, The-Insider" <[EMAIL PROTECTED] To et.il> <[EMAIL PROTECTED]> Sent by: cc full-disclosure-a [EMAIL PROTECTED] Subject .com Re: [Full-Disclosure] IE is just as safe as FireFox 12/11/2004 06:44
That is incorrect, there is a fix --> SP2.
Users should use the latest updated system, meaning if there is an SP2,
they
should install it.
Rafel Ivgi, The-Insider
Security Consultant
Malicious Code Research Center (MCRC)
Finjan Software LTD
E-mail: [EMAIL PROTECTED]
---------------------------------
Prevention is the best cure!
----- Original Message -----
From: "Martin Mkrtchian" <[EMAIL PROTECTED]>
To: "Todd Towles" <[EMAIL PROTECTED]>
Cc: "Mailing List - Full-Disclosure" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Friday, November 12, 2004 3:03 AM
Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
They should've at least released that statement after they
fixed the
IE FRAME vulnerability. 0 day exploit is in the wild and no fix for it, yet they claim its secure enough.
If the programmers are as smart as the company press
releasers, I can
see why I.E. still sux.
Martin
On Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles <[EMAIL PROTECTED]> wrote:
Microsoft's security and mangement product manager (Ben English)
says...
At a security roundtable discussion in Sydney on
Thursday, Ben English,
Microsoft's security and management product manager, told
attendees that
IE undergoes "rigorous code reviews" and is no less
secure than any
other browser.
"Because IE is ubiquitous, you hear a lot more about it,
but I don't
think that Internet Explorer is any less secure than any
other browser
out there," English said.
http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/ 2100-1032_
3-5448719.html?part=dht&tag=ntop&tag=nl.e433
Can anyone say IFRAME? Lol
-Todd
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
************************************************************** ************************
This e-mail is confidential and may contain privileged information. If you are not the addressee or if you have received the e-mail in error, it may
be unlawful for you to read, copy, distribute, disclose or otherwise use the
information which it contains. Under these circumstances, please notify
us immediately by returning this mail to '[EMAIL PROTECTED]' and deleting
this e-mail from your system.
Any views expressed by an individual within this e-mail do not necessarily
reflect the views of Cadbury Schweppes Plc or its subsidiaries. Cadbury
Schweppes Plc will not be bound by any agreement entered into as a result
of this email, unless its intention is clearly evidenced in the body of the email.
Whilst we have taken reasonable steps to ensure that this e-mail and
attachments are free from viruses, recipients are advised to subject this mail
to their own virus checking, in keeping with good computing practice. Please
note that email received by Cadbury Schweppes Plc or its subsidiaries may be
monitored in accordance with the prevailing law in the United Kingdom.
************************************************************** ************************
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
--
My "Foundation" verse:
Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD.
-- carpe ductum -- "Grab the tape"
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
