OT - Beware of Internet Explorer

  • From: Chip <ocp-dba@xxxxxxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Wed, 30 Jun 2004 07:06:08 -0600

Wow, opening a gif file can install a key logger and password stealer:

Beware of IE:
The U.S. government's Computer Emergency Readiness Team (US-CERT) is
warning Web surfers to stop using Microsoft's Internet Explorer (IE)
browser. On the heels of last week's sophisticated malware attack that
targeted a known IE flaw, US-CERT updated an earlier advisory to
recommend the use of alternative browsers because of ''significant
vulnerabilities'' in technologies embedded in IE. ''There are a number
of significant vulnerabilities in technologies relating to the IE
domain/zone security model, the DHTML object model, MIME-type
determination, and ActiveX. It is possible to reduce exposure to these
vulnerabilities by using a different Web browser, especially when
browsing untrusted sites,'' US-CERT noted in a vulnerability note.
US-CERT is a non-profit partnership between the Department of Homeland
Security (DHS) and the public and private sectors. US-CERT researchers
say the IE browser does not adequately validate the security context of
a frame that has been redirected by a Web server. It opens the door for
an attacker to exploit the flaw by executing script in different
security domains. Surfers must also get into the habit of not clicking
on unsolicited URLs from e-mail, instant messages, Web forums or
internet relay chat (IRC) sessions. (Datamation 06/29/04)

Have Fun :)

Please see the official ORACLE-L FAQ: http://www.orafaq.com
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html

Other related posts: