Microsoft’s “critical” security bulletins target holes in the Windows HTML Help system and the Task Scheduler. Still, researchers warn of new IE vulnerabilities.
Critical Fixes Top MS List for IE, Outlook
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
…that Microsoft hasn’t come out with IE 7 or 8 by now. However, I think IE is better than Mozilla or Firefox.
If you lock down IE’s security settings you can eliminate all spyware and pop-ups from your machine. It’s very easy and it only takes a few minutes.
I have been running my locked down version of IE for 4 months now and I run spybot and ad-aware once a week and I have yet to clean up any spyware.
These security settings also apply to outlook…
In fact, most websites look better when rendered in IE because most websites are optimized for it.
“..that Microsoft hasn’t come out with IE 7 or 8 by now. However, I think IE is better than Mozilla or Firefox. ”
IE is plagued by security holes one after another and you support that product?. it doesnt even have basic features like tabs and popup blocking not to compare the hundreds of extensions available for firefox
“If you lock down IE’s security settings you can eliminate all spyware and pop-ups from your machine. It’s very easy and it only takes a few minutes. ”
no. the shell exploit still works
“In fact, most websites look better when rendered in IE because most websites are optimized for it. ”
this is thing of the past. every good website should work everywhere
Note to moderator: Plese delete the first instance.
eWeek has started citing Slashdot. This will definately shift the tone of any security article they write. The discussion on Bugtraq and the Full Disclosure list has been hot and heavy; it just seems too easy to combine the various unpatched vulnerabilities of Internet Explorer to compromise a system.
I give Microsoft some credit for blocking some critical flaws, but ding them for two things: When assessing vulnerability, they never take combination attacks into account. I remember one particular exploit discussed on the Full Disclosure list that made use of five unpatched vulnerabilities to blow an otherwise minor problem in Sun’s Java to critical proportions. Also, their patches are often incomplete. See the Bugtraq discussion on the HijackClick flaw. Now it appears that the Shell protocol patch can be bypassed with the use of an iframe.
Given this state of affairs, I have stopped patching my Windows systems, and will not install XP SP-2 when it comes out. Instead I have blocked all network access to and from Windows 2000 and XP. Since the machines in question also run Linux, that means all network operations will be done through the OS that Balmer claims nobody stands behind.
was all this not said yesterday ?
I don’t use windows on any of my own personal pcs, (hmm personal personal computers), they got linux on them, but I still get the security bulletins sent from Microsoft.
The first load got deleted immediately, but now I read them all. I do not read them and laugh at all the hassle I now avoid, but I read them and feel sorry for the dumb users who do not know any better.
If a typical user is tech savvy enough to update his computer regularly, and with windows, that is very very very regularly, then he is also savvy enough to know how to download and install something else, so on his own head be it.
There are always the MS fanboys around here, and one called Hugh who works with me, they say they never have problems with XP or with IE. These same people call themselves “Windows Experts” or “Power Users”, HA !
I bet if I was to get a look around all the processes running on their machines I would find loads of malware running.
I challenge ANY fan of IE to prove to me that they have NO malware processes running. Print them here !
IE is plagued by security holes one after another
Since IE is embedded into windows they also effect the OS.
indeed, as is the same for outlook and outlook express
The main reason Microsoft has not released IE7 or IE8 is that they have destroyed the competition and dont need to innovate.
How incredible is it that Microsoft support pop up adverts in IE and dont have
tabbed browsing.
Still at least they didnt stop with IE5 as they did on the Mac.
“If you lock down IE’s security settings you can eliminate all spyware and pop-ups from your machine. It’s very easy and it only takes a few minutes.”
Even is this was true, an important much used Internet Application as a browser should be save enough by default. It’s impossible to let those less technical people chance the security settings, keep the browser up-to-date is allready to much to ask.
“…that Microsoft hasn’t come out with IE 7 or 8 by now. However, I think IE is better than Mozilla or Firefox.”
Anyone who believes that is simply lying to himself. Even the Department of Homeland Security advised users to find alternate browsers.
IE is behind the Mozilla and Opera browsers, since Microsoft has not made a significant upgrade in more than three years.No tab browsing, no pop-up blocker, and the list goes on…
“…that Microsoft hasn’t come out with IE 7 or 8 by now. However, I think IE is better than Mozilla or Firefox.”
Anyone who believes that is simply lying to himself. Even the Department of Homeland Security advised users to find alternate browsers.
IE is behind the Mozilla and Opera browsers, since Microsoft has not made a significant upgrade in more than three years.No tab browsing, no pop-up blocker, and the list goes on…