Just the latest example why it boggles my mind that anyone still uses IE, when such a superior alternative exists in the form of Firefox. :(

http://www.sys-con.com/story/?storyid=47736&de=1

glad i use ff on my 98se pc ;)



cant wait for pda firefox

we have no choice at work... they are even cracking down on users of free-ware.

The demonstration is here: http://secunia.com/internet_explorer_command_execution_vulnerability_test/

glad i use ff on my 98se pc ;)

That just means that your system is 10x less secure. :D

Microsoft should move to Switzerland and make cheese. They already make cheesy software riddled with holes, so it would be a natural transition. :p

You peeps do have a choice for a secure OS on the X86 chips... DOS. :D :p

<]=)

The demonstration is here: http://secunia.com/internet_explorer_command_execution_vulnerability_test/

I opened up IE to test it (pretty easy thanks to the View This Page in IE extension in FF). It opened a new window, but it was a small (HTML) help window, and I got an IE script error error dialog as well. This is contrary to what the page says:
You are vulnerable if a new Internet Explorer window opens, displaying a new Secunia web page.


anyone get anything different?

I just installed Firefox, and I'm impressed so far.

I'm just tired of all the anti-spyware stuff you have to do to IE.
If this works for me at home I'll switch all the browsers at work over to it.
(That is if it's okay. I'll have to check.)

Another eye-opener, winexprt.

EDIT

Wow is this thing fast now! :D

On IE, it opened up what appeared to be a standard Help Window, then a Command Prompt! Looks pretty vulnerable to me.

Failed here, although I had to change my Activex settings in IE to run the demo.

I'm a FireFox convert.

I've installed it on my Win98SE machine here at work and it's just great.
I won't be switching all the machines at work over however after reading up a bit on the pros and cons, but you can believe I'm getting my boss into it. -His wife is a spyware magnet. -stipud cooking sites!

I clicked the link and nothing happend. Whats that about. Is my computer secure, or not.

I prefer firefox to IE. I am currently hanging on a slow landline, and FF is ten times faster than the IE. I don't know why, but the background tabs really are useful.

Get Firefox, dudes!

I'm on Opera and NetFront. IE and Firefox are slugs :D

I clicked the link and nothing happend. Whats that about. Is my computer secure, or not.
Also on my computer nothing happened. Am I lucky?

Woo Firefox works great. Way faster than IE. Thanks quys

Also on my computer nothing happened. Am I lucky?
We're not lucky. At least I wasn't. I just chose the proper security settings as is always the wise thing to do. I have IE.6 with XP.pro.SP2 and, as I expected, the link could not execute the script.

I tried FireFox and I found it to be.........[different] but quite unnecessary unless you want to change for the sake of change. My online banking is not possible with it and my employer's servers do not except remote logins with it. The plugin concept is interesting but gives me very little functionality that I don't already have. So, as the architect so eloquently put it in "matrix reloaded", the problem is choice.

If you choose to use the most popular internet browser, the first, most important thing you should understand are your security settings. Everything else is Windows dressing (pun intended) ;)

one of the problems as pointed out with the various security meetings that deal with multiple browsers/OSes. It is difficult to know who is more or less vulnerable. the problem is that MS is a great target, it is the Goliath and everyone wants to play the david. There are holes in other browsers and OSes, and they are fixed when they are found. It is possible that Windows is less secure, it is however definately the larger target and therefore a greater danger by intention if not by physical differences.

Something else to think about. With Windows being the bigger target, and now that they are finally (and I do mean finally, because they have ignored it for years) made a definate effort to attempt to catch up on security. Being the larger target, they will get 100 times the attacks, 100 times the fixes, and eventually become stronger for it.

I do believe windows is poor on security, they ignored it for too long to be otherwise. Under 95 they spent more budget on advertising and legal efforts to BLOCK news stories about vulnerabilities than they did on programming efforts to fix it. That started them off on a REALLY bad foot. They have their chance to catch up now, if they really are making an honest effort. So far they seem to be addressing most security patches in days instead of weeks, and the harder ones in weeks instead of months. This is, so far, a good sign. If they can keep it up, they might actually catch up.

Time will truly tell.