I’m about a week behind in posting this (I got lazy), but I thought I’d put it here for posterity.
Businessweek columnist Stephen Wildstrom says that Internet Explorer is too risky to use
In late June, network security experts saw one of their worst fears realized. Attackers exploited a pair of known but unpatched flaws in Microsoft’s Web server software and Internet Explorer browser to compromise seemingly safe Web sites. People who browsed there on Windows computers got infected with malicious code without downloading anything
In a sligtly techier article on EWeek, their senior editor says that Internet Explorer is TOO DANGEROUS TO KEEP (emphasis mine).
Ladies and gentlemen, computer experts say that IE is dangerous.
Many of the people talking about the exploit have discussed how your computers might be used by these back-door programs to launch a DDoS (distributed denial of service) attack. Yeah, that’s bad news, but that’s not the real problem.
In the few days that the sites provided the Trojan horses, hundreds of thousands or millions of users could have had their credit-card, stock-brokerage and bank-account numbers and passwords stolen.
Let me repeat myself: Millions of you may have every bit of your browser-driven online financial security information stolen.
The government is even starting to recommend that people move away from IE. US Computer Emergency Response Team puts out updates about how to secure your system against intrustion. From what I’ve read they suggest shutting down pretty much every feature in IE. They also say explicitly:
“Microsoft Internet Explorer does not adequately validate the security context of a frame that has been redirected by a Web server. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code with the privileges of the user running IE.“
The part I bolded was the important (non-techie) part. A hacker could use security “holes” in IE to do pretty much whatever he wanted on your computer. He will have access to everything you have access to, everything you type, and everything you see. user names, passwords, bank balances, bank card numbers, blog entries! you name it.
Switch to Mozilla. Firefox is only a 5 MB download. It automatically imports your bookmarks. Do it.
Leave a Reply