[Previous entry: ""] [Main Index] [Next entry: "Use a fast-forward button, go to jail?"]

11/21/2004 Archived Entry: "Phising news, and get rid of IE!"

These days I consider "phishing" scams a greater threat than viruses and browser attacks, since we're well protected against the latter. So I was pleased to learn that the SANS Institute is offering a bi-weekly newsletter describing the latest scams which are circulating. Sign up for an email subscription, or read it on-line.

I really don't want my contribution to McBlog to be just a relay of the latest exploit warnings, but this one seems to be serious enough to be shouted far and wide. Internet Explorer 6 has a major vulnerability that can be exploited if you simply visit a hostile or compromised web site. There is no patch for this bug, and a number of compromised web sites have already been reported. This seems to affect all versions of Microsoft Windows except Windows XP with Service Pack 2 installed.

At the risk of sounding like a broken record: dump IE and get a new browser. Netscape, Mozilla/Firefox, and Opera are all available free for Windows. A new browser is the only sure fix for this vulnerability.

brad