Dragaera

new Microsoft Internet Explorer vulnerability

Mon Nov 21 11:28:02 PST 2005

----- Original Message ----- 
From: "Mark A. Mandel" <thnidu at yahoo.com>
To: "Dragaera list" <dragaera at dragaera.info>
Sent: Monday, November 21, 2005 12:04 PM
Subject: new Microsoft Internet Explorer vulnerability


> My department's IT chief just forwarded this message to everyone from the
> University's Information Security Office. I don't have time to write a
> filk about it.
> 
> -- Mark A. Mandel, The Filker With No Nickname
>      http://filk.cracksandshards.com/
>      Now on the Filker's Bardic Webring!
>      [This text prepared with Dragon NaturallySpeaking.]
> 
> 
> 
> \\\\\
> 
> 
> Hi all,
> 
> It appears that an advisory has been released about an unpatched
> Microsoft Internet Explorer vulnerability which allows the execution of
> code by simply visiting a malicious website. At the same time they
> released proof-of-concept code which has been verified by SANS to work as
> advertised.
snip
> Workarounds:
> 
> Use another web browser such as Firefox, Netscape or Opera If you have to
> use IE disable 'active scripting' for non-trusted sites or disable
> JavaScript.


Heh, I don't even use IE at work. Firefox is much mo' better.