RE: OT - Beware of Internet Explorer

  • From: "Mark W. Farnham" <mwf@xxxxxxxx>
  • To: <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 30 Jun 2004 09:25:18 -0400

so... is that URL you posted a key stealer, or the article telling us not to
click on unknown URLs?

;)

Two DBAs walking down the street late at night, hearing footsteps on the
cobblestone behind them.

First DBA: "I hope that guy isn't going to mug me."
Other DBA: "Don't worry, I'm sure he's after me."

-- You're not paranoid if the world really is out to get you.

mwf

-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx]On Behalf Of Chip
Sent: Wednesday, June 30, 2004 9:06 AM
To: oracle-l@xxxxxxxxxxxxx
Subject: OT - Beware of Internet Explorer


Wow, opening a gif file can install a key logger and password stealer:
http://news.com.com/Pop-up+program+reads+keystrokes%2C+steals+passwords/2100
-7349_3-5251981.html

Beware of IE:
The U.S. government's Computer Emergency Readiness Team (US-CERT) is
warning Web surfers to stop using Microsoft's Internet Explorer (IE)
browser. On the heels of last week's sophisticated malware attack that
targeted a known IE flaw, US-CERT updated an earlier advisory to
recommend the use of alternative browsers because of ''significant
vulnerabilities'' in technologies embedded in IE. ''There are a number
of significant vulnerabilities in technologies relating to the IE
domain/zone security model, the DHTML object model, MIME-type
determination, and ActiveX. It is possible to reduce exposure to these
vulnerabilities by using a different Web browser, especially when
browsing untrusted sites,'' US-CERT noted in a vulnerability note.
US-CERT is a non-profit partnership between the Department of Homeland
Security (DHS) and the public and private sectors. US-CERT researchers
say the IE browser does not adequately validate the security context of
a frame that has been redirected by a Web server. It opens the door for
an attacker to exploit the flaw by executing script in different
security domains. Surfers must also get into the habit of not clicking
on unsolicited URLs from e-mail, instant messages, Web forums or
internet relay chat (IRC) sessions. (Datamation 06/29/04)

Have Fun :)


----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------


----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

Other related posts: