How to secure Internet Explorer

From: B F (zaphod_b71@hotmail.com)
Date: 11/17/02

  • Next message: gary_palmer@attbi.com: "re: Unknown Workgroup in Network Neighborhood" 
    From: "B F" <zaphod_b71@hotmail.com>
To: focus-ms@securityfocus.com
Date: Sun, 17 Nov 2002 14:46:41 +0100

    Hi list,

    this is my first time posting so please don't flame me if this
    topic has been discussed before...

    My intention for this posting is this new IE Exploit.
    If you don't already know it you can read about it here:
    http://archives.neohapsis.com/archives/bugtraq/2002-11/0041.html

    A couple of weeks ago I rolled out IE6 SP1 in the hope for some
    silence in the ongoing battle of rolling out new patches for IE
    / Outlook. Ironically some messages on bugtraq indicated that only
    with this version the exploit works perfectly.

    So back to my question, what can / should a responsible sysadmin do
    to protect his internet explorer users?

    Some topics that come to mind:
    - is it feasible to disable active scripting for the internet zone?
      ( I already had problems with my user after I disabled activeX...)
    - what happens if you lockdown the local computer zone?
    - do AV Products protect you from this kind of vulnerabilities?

    Hoping to get some replies...

    Regards
    Bjoern

    _________________________________________________________________
    Add photos to your e-mail with MSN 8. Get 2 months FREE*.
    http://join.msn.com/?page=features/featuredemail