Serious IE Vulnerability

I know – I know. Typically I don’t post about Internet Explorer exploits. However, this one is pretty serious.

I do have a few customers that must use IE for sites such as the Caddo Parish and Bossier Parish websites. Both of them stupidly use Active X controls. Not that either of these sites are malicious, but they tacitly encourage people to use Internet Explorer, which puts users at greater risk.

How do you avoid the IE risks and vulnerablilities? Simple – USE FIREFOX.

www.mozilla.org

——–
The Vulnerability
——–

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/961051.mspx

Limited Exploitation of Microsoft Security Advisory 961051
http://blogs.technet.com/mmpc/archive/2008/12/11/limited-exploitation-of-microsoft-security-advisory-961051.aspx

According to the investigation thus far, the vulnerability affects Windows Internet Explorer on supported editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Our telemetry indicates that this issue is impacting home and corporate users.

This issue could impact you even if you avoid surfing questionable sites. Over the past few months, we’ve seen a surge in SQL injection attacks which enable miscreants to inject content onto trusted sites…