TheTechArea.com: Will switching from Internet Explorer make you safer? - TheTechArea.com

Jump to content

TheTechArea.com Times

Note to members: You can only post in the Member Submitted News forum. A staff member will move it to an appropriate area if it is worthy of the portal!

alert! We're hiring newsposters! Prove yourself PM an admin when you think you are ready for the responsibility of being a newsposters!
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Will switching from Internet Explorer make you safer?

#1 User is offline   The Joker 

  • WhY sO sErIoUs?!?
  • Group: Administrator
  • Posts: 7,635
  • Joined: 28-July 05
  • Gender:Male
  • Location:Buffalo, NY, USA
  • Interests:Computers, Home Theater, Console Games, Movies

Posted 23 January 2010 - 08:37 PM

The panic over this month’s wave of targeted, zero-day attacks against Google, Adobe, and other companies is over. Microsoft has released a security update for Internet Explorer that patches the underlying vulnerabilities, and everyone can breathe a sigh of relief.But what does this episode say about Internet Explorer? I’ve seen several pundits argue that Internet Explorer is inherently unsafe. I think they’re overreacting. Yes, there is a case to be made for using a different browser, especially one with a lower market share that is targeted less frequently than Internet Explorer. (And if you’re too impatient to read this entire post, then skip to the last page for that discussion.) But it’s also true that switching browsers is a small part of a comprehensive, defense-in-depth security strategy.

One thing’s for certain: Changing browsers isn’t a magic bullet, and it might not have made a difference in this case, as I explain in this post.

First things first: How do I protect myself from becoming a victim of this exploit?

Regardless of which version of Internet Explorer or Windows you’re using, you should install today’s Cumulative Security Update for Internet Explorer (described in KB978207 and Microsoft Security Bulletin MS10-002). This update should be delivered automatically via Windows Update or Windows Software Update Services.

You should also turn on Data Execution Prevention, a feature which prevents code execution from data pages in memory (technical details for the Windows XP family are here, for Windows Vista and 7 here). DEP is on by default in Internet Explorer 8. To enable DEP on Windows XP or Windows Vista with IE6 or IE7, use the Fix It tool on the MS10-002 advisory page.

So, exactly what happened in this case?

The public does not know the full details of what happened. Various reports and analysts have published conflicting reports with a lot of speculative analysis. A January 12 report by Verisign’s iDefense security outfit blamed the attacks on an Adobe PDF vulnerability. That report was retracted two days later, although many news stories based on that inaccurate report have not been corrected.

>> Source: Ed Bott
Image created by CarnageX | You've been Mak'd! | Decaptured...listen! | All thanks to Hefe for the parts for my new PC!
This is what happens when an unstoppable force meets an immovable object. | Twitter | TTA Facebook
Posted Image
Posted ImagePosted Image

View PostAtlas, on 24 January 2010 - 01:34 PM, said:

New from Apple... the iPost. Full online forum backup, protects your e-peen from being shrank by post count reductions. Protect your e-Rep for pennies!
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users