RE: [Full-Disclosure] IE is just as safe as FireFox

From: Todd Towles (toddtowles_at_brookshires.com)
Date: 11/12/04

  • Next message: Jirka Kosina: "Re: Linux ELF loader vulnerabilities"
    To: "Rafel Ivgi, The-Insider" <theinsider@012.net.il>, <full-disclosure@lists.netsys.com>
    Date: Fri, 12 Nov 2004 09:03:26 -0600
    
    

    And what do you plan on doing about the unpatched exploited recently
    released? There are holes for SP2...ones that haven't even been released
    yet...

    ________________________________

            From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Rafel Ivgi,
    The-Insider
            Sent: Friday, November 12, 2004 12:44 AM
            To: full-disclosure@lists.netsys.com
            Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
            
            
            That is incorrect, there is a fix --> SP2.
            Users should use the latest updated system, meaning if there is
    an SP2, they
            should install it.
            
            
            Rafel Ivgi, The-Insider
            Security Consultant
            Malicious Code Research Center (MCRC)
            Finjan Software LTD
            E-mail: rivgi@Finjan.com
            ---------------------------------
            Prevention is the best cure!
            ----- Original Message -----
            From: "Martin Mkrtchian" <dotsecure@gmail.com>
            To: "Todd Towles" <toddtowles@brookshires.com>
            Cc: "Mailing List - Full-Disclosure"
    <full-disclosure@lists.netsys.com>;
            <ring-of-fire@yahoogroups.com>
            Sent: Friday, November 12, 2004 3:03 AM
            Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
            
            
    > They should've at least released that statement after they
    fixed the
    > IE FRAME vulnerability. 0 day exploit is in the wild and no
    fix for
    > it, yet they claim its secure enough.
    >
    > If the programmers are as smart as the company press
    releasers, I can
    > see why I.E. still sux.
    >
    >
    > Martin
    >
    >
    > On Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles
    > <toddtowles@brookshires.com> wrote:
    >> Microsoft's security and mangement product manager (Ben
    English) says...
    >>
    >> At a security roundtable discussion in Sydney on Thursday,
    Ben English,
    >> Microsoft's security and management product manager, told
    attendees that
    >> IE undergoes "rigorous code reviews" and is no less secure
    than any
    >> other browser.
    >>
    >> "Because IE is ubiquitous, you hear a lot more about it, but
    I don't
    >> think that Internet Explorer is any less secure than any
    other browser
    >> out there," English said.
    >>
    >>
    http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/2100-1032_
    >> 3-5448719.html?part=dht&tag=ntop&tag=nl.e433
    >>
    >> Can anyone say IFRAME? Lol
    >>
    >> -Todd
    >>
    >> _______________________________________________
    >> Full-Disclosure - We believe in it.
    >> Charter: http://lists.netsys.com/full-disclosure-charter.html
    >>
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
            

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Jirka Kosina: "Re: Linux ELF loader vulnerabilities"