MSIE: One patched, one pops up again (setslice)
If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.
So: No, surfing with MSIE is still not safe.
References
Defenses
- Use an alternate browser (yeah, we sound like a broken record). But diversity really helps make the bad guys' job harder.
- Disable ActiveX (take care: windowsupdate needs it, so you need to trust those sites)
- Set the killbits:
{844F4806-E8A8-11d2-9652-00C04FC30871} and {E5DF9D10-3B52-11D1-83E8-00A0C90DC849} - Keep antivirus signatures up to date.
- Keep an eye out for a patch from Microsoft.
- ...
--
Swa Frantzen -- Section 66
×
Diary Archives
Comments