The latest fad

August was the month of the worms. September was the month of the Spam-Worms. October could easily be the month of IE Exploits.

It seems the new trend is to make use of all the various known and unpatched vulnerabilities still in Microsoft's Internet Explorer. To make matters worse it seems that there have been several other exploits found that have gone unreported and are being utilized as well. As usual, Microsoft is being slow to respond.

While most of these exploits revolve around Microsoft's dangerous Active-X implementation, there is at least one exploit that can seamlessly and silently plant malicious code on to your machine with some JavaScript.

While you could potentially avoid being infected by using another browser it could just be a false sense of security. There is at least one version of this JavaScript floating around that seems to affect Netscape and Opera users as well.

So how do you avoid these exploits? Right now the safest solution is to disable Active-X and JavaScript in IE and also switch to another browser which also has JavaScript disabled. However this makes most of the web unusable. Certainly not the best solution. You might as well say you're going to stop using the internet.

I'm going to try to limit my risks by avoiding sites that allow HTML to be posted by anyone. Forums, blog comment pages, most personal web sites, etc. I have always had javascript and active-X set to prompt before running so its not like I let them run on these types of sites anyway. One can't be too diligent.

I'll also be keeping an eye on changes to my system registry and start up lists. Of course having a frequently updated anti-virus with active scanning is a good idea. So is having a firewall that monitors outgoing traffic.

Other than that, use your head. Avoid links to unknown sites and pay attention to every confirmation box carefully.