IT Excuse Generator

Feeds
Add to Google
RSS FEED


October 08, 2003

The latest fad

August was the month of the worms. September was the month of the Spam-Worms. October could easily be the month of IE Exploits.

It seems the new trend is to make use of all the various known and unpatched vulnerabilities still in Microsoft's Internet Explorer. To make matters worse it seems that there have been several other exploits found that have gone unreported and are being utilized as well. As usual, Microsoft is being slow to respond.

While most of these exploits revolve around Microsoft's dangerous Active-X implementation, there is at least one exploit that can seamlessly and silently plant malicious code on to your machine with some JavaScript.

While you could potentially avoid being infected by using another browser it could just be a false sense of security. There is at least one version of this JavaScript floating around that seems to affect Netscape and Opera users as well.

So how do you avoid these exploits? Right now the safest solution is to disable Active-X and JavaScript in IE and also switch to another browser which also has JavaScript disabled. However this makes most of the web unusable. Certainly not the best solution. You might as well say you're going to stop using the internet.

I'm going to try to limit my risks by avoiding sites that allow HTML to be posted by anyone. Forums, blog comment pages, most personal web sites, etc. I have always had javascript and active-X set to prompt before running so its not like I let them run on these types of sites anyway. One can't be too diligent.

I'll also be keeping an eye on changes to my system registry and start up lists. Of course having a frequently updated anti-virus with active scanning is a good idea. So is having a firewall that monitors outgoing traffic.

Other than that, use your head. Avoid links to unknown sites and pay attention to every confirmation box carefully.

Posted in Computing & Tech News , Microsoft & Windows by usrbingeek at 2003-10-08 15:11 ET (GMT-5) | 2 Comments | Permalink



Comments

This site is a blog. I'm basically saying not to visit my site either. Thanks to Microsoft we'll all be suffering if things aren't corrected soon.

Posted by: #!/usr/bin/geek at October 10, 2003 11:21 PM

It is extremely taxing to remain vigilant but at this point we have no choice.

I am amazed at how many people I meet are completely un-aware of the imminent danger.

Crazy world we live in!

Posted by: James at October 14, 2003 08:07 AM










This web site is provided "as is" with no representations or warranties, and confer no rights. We are not liable for omissions or typographical errors contained in the content. Use at your sole risk.
The opinions expressed here do not necessarily represent any other entity or party we may have a connection or affiliation with.
usrbingeek, usr bin geek, usrbingeek.com, #!/usr/bin/geek are trademarks of usrbingeek LLC. All other trademarks and tradenames are property of their respective owners.