Re: [Full-Disclosure] !! Internet Explorer !!
From: Koen (koen4security_at_hotmail.com)
To: Matthew Jonkman <firstname.lastname@example.org> Date: Fri, 11 Jun 2004 21:58:37 +0200
Matthew Jonkman wrote:
> Here's your best bet for protecting yourself from IE vulnerabilities,
> trojans, spyware, etc:
> Better, safer, faster.
And how exactly does this help in a corporate environment where you are
obliged to use Internet Explorer because they are running some kind of
bloated service/application that only runs in IE?
I stick to Firebird ...uhmm..Firefox but whenever I need to get my hands
on some piece of 'corporate' document that's in our document information
system it's good old and ugly IE that does the trick. I'm not stating
that this is a good thing, but it's damned reality in +50% of corporate
environments. Choice is good, even when this involves Microsoft.
You're far better of educating your users how to deal with 'suspicious'
content, making sure that everything is back-uped (and tested!),
providing alternatives for 'regular' browsing (like Mozilla for external
traffic, Internet Explorer for internal webservers), filtering 'some'
content, monitoring your traffic as close as you can get, making sure
that 'unsafe' (and safe) applications are locked down and watching
security lists like this one so that you can inform your 'users' (and
not the other way around).
Full-Disclosure - We believe in it.