Wednesday, July 14, 2004

IE browser: living its last days?

I've recently read many articles on the security, lack of thereof, of Internet Explorer. This one though, eWeek's "IE May Share Shell Hole Found in Mozilla", openned my eyes. A company in Denmark, VeriSign's Managed Security Services, (formerly Guardent), announced four extremely critical security flaws.

The holes could allow a malicious Web site to circumvent the browser's security settings and execute script in the browser that could download and execute malicious software....
The first of the four discovered holes allows a remote Web site to "spoof" a function within a script with a function of the same name from a malicious Web site....
Another vulnerability tricks users into using "drag and drop" functions of the browser without their knowledge to add malicious script to browser resources such as the "Favorites" menu..
Secunia advised users that the only current solutions to these potential threats are to "disable Active scripting" or "use another product"—a browser other than IE.
The increasing number of vulnerabilities in general-purpose Web browsers may spur a trend toward simpler, trusted browsers..


Post a Comment

<< Home