Re: IE questions

From: Harlan Carvey (keydet89_at_yahoo.com)
Date: 04/30/04 

Date: Fri, 30 Apr 2004 10:29:05 -0700 (PDT)
To: Andy Pham <apham2575@hotmail.com>, focus-ms@securityfocus.com

Andy,

It doesn't sound as if you need to go w/ everything,
maybe just ActiveX.

Do you have A/V software installed and updated on your
user's systems? How about IDS and egress filtering on
the infrastructure? These are some things that can
help mitigate some of the risk...

--- Andy Pham <apham2575@hotmail.com> wrote:
> Hello,
>
> I'm not sure if my first email went thru or it's
> stuck somewhere because of
> the wrong email address. Anyway, we're currently
> blocking ActiveX,
> JavaScript and active scripting in IE. It has been
> working ok for us, but
> we heard a lots of complains because the users
> couldn't get to the sites
> that require ActiveX turn on (most of commercial
> sites). So my questions
> are
>
> What are the risks of turn everything on in IE? Is
> staying current with
> service packs help? Is there any work around if we
> decide to keep
> ActiveX...off? Any suggestions are appreciated.
>
> AP
>
> p.s: And I don't want to go with Mozilla browser....
>
>
_________________________________________________________________
> Stop worrying about overloading your inbox - get MSN
> Hotmail Extra Storage!
>
http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1/go/onm00200362ave/direct/01/
>
>
>
---------------------------------------------------------------------------
>
---------------------------------------------------------------------------
>

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Relevant Pages

  • Re: IE questions
    ... > I'm not sure if my first email went thru or it's stuck somewhere because of ... Anyway, we're currently blocking ActiveX, ... > that require ActiveX turn on (most of commercial sites). ...
    (Focus-Microsoft)
  • IE questions
    ... I'm not sure if my first email went thru or it's stuck somewhere because of ... Anyway, we're currently blocking ActiveX, ... that require ActiveX turn on (most of commercial sites). ...
    (Focus-Microsoft)
  • Re: SP2 and Permissions
    ... There is no such icon. ... "To help protect your security, ... "What's the Risk" and "Information Bar Help". ... >> followed by the lecture about the risks of ActiveX. ...
    (microsoft.public.windowsxp.general)
  • RE: IE questions
    ... Harlan and Andy, ... ActiveX is the source of almost all IE browser malicious code. ... help mitigate some of the risk... ... > I'm not sure if my first email went thru or it's ...
    (Focus-Microsoft)
  • RE: A ? activex
    ... The level at which active X controls are able to do things is controllable ... so the level of risk is up to you. ... Curtis Koenig ... >to play msn games on messenger you need to have activex controls enabled ...
    (microsoft.public.windowsxp.security_admin)
Quantcast