| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> OT - Beware of Internet Explorer
Wow, opening a gif file can install a key logger and password stealer:
http://news.com.com/Pop-up+program+reads+keystrokes%2C+steals+passwords/2100-7349_3-5251981.html
Beware of IE:
The U.S. government's Computer Emergency Readiness Team (US-CERT) is
warning Web surfers to stop using Microsoft's Internet Explorer (IE)
browser. On the heels of last week's sophisticated malware attack that
targeted a known IE flaw, US-CERT updated an earlier advisory to
recommend the use of alternative browsers because of ''significant
vulnerabilities'' in technologies embedded in IE. ''There are a number
of significant vulnerabilities in technologies relating to the IE
domain/zone security model, the DHTML object model, MIME-type
determination, and ActiveX. It is possible to reduce exposure to these
vulnerabilities by using a different Web browser, especially when
browsing untrusted sites,'' US-CERT noted in a vulnerability note.
US-CERT is a non-profit partnership between the Department of Homeland
Security (DHS) and the public and private sectors. US-CERT researchers
say the IE browser does not adequately validate the security context of
a frame that has been redirected by a Web server. It opens the door for
an attacker to exploit the flaw by executing script in different
security domains. Surfers must also get into the habit of not clicking
on unsolicited URLs from e-mail, instant messages, Web forums or
internet relay chat (IRC) sessions. (Datamation 06/29/04)
Have Fun :)
 |
 |