Note that using a different Web browser will not remove IE from
a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control,
or the HTML rendering engine (MSHTML).
US-CERT Vulnerability Note VU#713878
While the note also recommends keeping up with patches from Microsoft to reduce your risks, it
seems that the only real solutions are to disable Active scripting and ActiveX, use plain text e-mail,
and don??™t visit sites you don??™t trust with Internet Explorer. In other words, use a browser that disables
insecure features included in Microsoft products.
This announcement apparently caused quite a run on the Mozilla.org site to download a Firefox
browser and related e-mail client (described in Chapter 22 of this book). Versions of those software
projects run on Windows and Mac OS X, as well as on Linux. Many believe that browsers such as
Firefox are inherently more secure because they don??™t allow nonstandard Web features that might
do such things as automatically download unrequested software without your knowledge.
Research into hijacked computers being taken over, by the thousands, to be used as botnets has
shown a very high percentage to be Microsoft Windows systems. The disturbing thing about the
statistics, however, is that many of these systems have been upgraded with Microsoft Service Pack 2
(SP2) or other patches that were supposed to protect from those types of infections.
Pages:
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139