The Security Fix has more on the issue this morning as well. It’s worth noting that more than half of the visitors of SecurityFix are using Internet Explorer, about 50% of users at SANS and 49% here, (more like ~85% on my non-tech related sites). So, there are a WIDE swath of viewers that ARE CURRENTLY VULNERABLE…
On the Main page at the SANS incidents.org page, there is a bit of text just above the “handlers diary entries” that depending on your browser will show…
You are considered not vulnerable
Or something like the image below at the SecurityFix..
(On the incidents.org page, you’ll need to look for the pink rectangle and read the text right underneath. I missed it as I was browsing the site earlier.)
–udpate 12:34am EST 11/23/05–
–update 1:01 AM EST 11/23/05–
The Department of Homeland Security’s CERT advisory on the problem, left out a basic bit of advice the suggestion to use an alternative web browser. Brian, at the securityfix, reminds us of a problem in 2004 in which CERT suggested the using of alternative browsers (CERT didn’t specify any particular alternatives). In Brian’s article, he added something along the lines of “such as …. Firefox, Opera or Netscape”, which led to voicemail complaints from Microsoft, and their PR folks AND CERT that he was putting words into their mouths.
He does note an interesting stat in pointing out that most people likely get their computer security advice from somewhere other than US-CERT…
(Web site monitoring firm Netcraft’s anti-phishing toolbar ranks US-CERT.gov as the 220,589th most popular site on the Web)
He recommends (as do many others) installing an alternative browser like Opera, Firefox, or Netscape and using that to browse at least until this vulnerability is patched.
For those users who positively must continue using IE for everyday Web browsing, disabling scripting in the browser should protect you from this flaw. Here’s how you do that:
1) From IE’s top menu, go to “Tools.”
2) Choose “Internet Options.”
3) Click on the tab marked “Security,” then the button marked “Custom Level.”
4) Change the buttons under the “Scripting” heading from “Enable” to “Prompt” or “Disable.”
For the above reason, he recommends Firefox with the noscripts extension as has already been discussed above. For most sites Firefox provides a good browsing experience (I’ve run across a few still that are IE only). Some of the feature improvements though in firefox (and extensions) may bring you to the point of not returning to IE. (Yes you can import all your bookmarks, the first time it loads it asks if you want to do that.) The nice thing about the noscripts extension is you can load the page, the extension sits in the status bar and scripts can be enabled after seeing the content of the page. (Much better to have info to make a judgement call on, eh?)
Further… I’ve heard reports that firefox under linux crashes on the exploit code. I haven’t had a chance to test that out, likely will momentarily. (Having the noscript extension would prevent that.) (It does indeed seem to have that effect for me as well.)
Related PostsRelated Posts
- Windows more secure than Linux? For the last week, I've seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I'm seeing all sorts of headlines about how......
- Page banned from Google? So for the past month and a half I've been puzzling over northcarolinagenealogy.net and it's mysterious sudden disappearance from google. I mean... let's see, there are a couple hundred posts there. It uses the same template as this and the South Carolina genealogy site do. Nothing really different than the......
- WMF exploit situation summary... Since there's been quite a bit of flux the last couple of days I thought I'd try to "reset" the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit. 1st there is a vulnerability in the way Windows renders WMF......
- Download Flash Video from Any Website Do you want to download a flash video? Are you having trouble finding a good program or plugin to rip flash videos? Do you want to know how to download flash video from any website? You've come to the right place. There are lots of programs and browser plugins that......
- Greasemonkey Script for Submitting Pages to Ping.fm Today I put together yet another Greasemonkey script. This script will allow you to quickly submit URLs to Ping.fm. You'll first need to supply your Ping.fm application key to the script. Just right click on the little monkey and go to User Script Commands, and select Set Ping.fm App......
- Optimizing Flash Files For The Search Engines What is a Flash Movie? A flash movie, or shock wave file (SWF), is the file format published when a Flash movie is exported. A SWF file can also be exported by several other Macromedia or Adobe Products. The SWF is usually an animation, dynamic menu, or highly interactive web-based......
- Exploit for Unpatched Internet Explorer vulnerability
- Mozilla Firefox use above 15% in the US…
- Microsoft Releasing out of Cycle Patch for Internet Explorer Exploit
- ABC news weighs in on the new browser wars