Do you have a URL for this? Thanks,
Judith
----- Original Message -----
> US CERT (the US Computer Emergency Readiness Team), is advising people
> to ditch Internet Explorer and use a different browser after the latest
> security vulnerability in the software was exposed.
>
> A statement on the CERT site said: "There are a number of significant
> vulnerabilities in technologies relating to the IE domain/zone security
> model, the DHTML object model, MIME type determination, and ActiveX. It
> is possible to reduce exposure to these vulnerabilities by using a
> different web browser, especially when browsing untrusted sites." CERT
> otherwise recommends users to set security settings to high and disable
> _javascript_
>
> Malicious code, dubbed variously as "Scob" or "Download.Ject",
> originally posted last week on a Russian website, could be downloaded
> secretly onto websites using Microsoft's Internet Information Server
> 5.0. The code could then be used to log keystrokes made by visitors to
> the site - so long as they used Internet Explorer as their browser.
> Information, including passwords, was then to be emailed to the
> criminals behind the atack.
>
> Microsoft
> <http://www.microsoft.com/presspass/press/2004/jun04/0625download-jectst
> atement.asp> said that it was unaware of widespread consumer impact and
> noted that the Russian site had been taken offline. It said some
> enterprise users of Windows 2000 Server, specifically users running IIS
> 5.0, were being targeted by "Download.Ject". According to MS, this is
> not a trojan or worm but "a targeted manual attack by individuals or
> entities towards a specific server". It said users should use a
> firewall, ensure they have the latest software updates and use
> anti-virus software.
>
> Bill Gates, Microsoft chairman, called on users to switch on auto-update
> so that patches would spread faster. Speaking to Reuters in Australia at
> the weekend, he vowed to "guarantee that the average time to fix will
> come down. The thing we have to do is not only get these patches done
> very quickly...we also have to convince people to turn on auto-update."�
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
