elamb » IE 7

Zero-Day IE Exploit Takes Control of PCs

elamb.security — Mon, 28 Nov 2005 22:36:44 +0000

Yikes, all you have to do is browse to the affected page. Glad I have Firefox!

Firefox tops IE on security. Update IE early and often. Make sure you lock IE down or simply disable it and use Firefox. But be aware that Firefox still has some limitations.

IE is swiss Cheese!!

read more | digg story

Firefox Still Tops IE for Browser Security

elamb.security — Sat, 08 Oct 2005 04:57:31 +0000

The number of security holes that occur isn't as telling as how they're handled.

Here is the skinny. FireFox actually has more security issues
than Internet Explorer, but the thing is that it usually takes
Microsoft weeks to fix security issues. This gives malicious code
writer PLENTY of time to create and distribute something juicy.

“Mozilla is forthcoming about vulnerabilities,” Levy said, whereas “it takes Microsoft far longer to acknowledge vulnerability.”

Now here is another thing about Microsoft (and CISCO) they lie and
cover up some of the security flaws. This is probalby because of
reputation and shareholder protection or who knows what other
beauracracy and formalities.. but FireFox is very fast.

I was at Defcon 11 and I recall some Gray Hats found a few flaws in
Microsoft products (serious ones… nothing new about that). They attempted to submit these
flaws to Microsoft and other companies and were completely
ignored. Sometimes it seems giant corporations can only put out
fires instead of prevent them.

Here is an example of how slow the Microsoft people are on security —> 6 Month old exploit.

read more | digg story

Cleaning Internet Explorer

elamb.security — Wed, 05 Oct 2005 07:34:51 +0000

IE 6.0 and below suck. Honestly, it is updated a few times every other
month with SERIOUS security issues. Those security issues are
constantly exploited by spyware and spam. It really is ridiculous
how much business Microsoft has given to spammers.

Switching to FireFox, or Opera

FireFox is the Shiznit!

CLEAN IE, DOWN AND DIRTY:

1) Get Rid of Cookies.
Do a search on your entire computer for cookies just as you would search for ANY file. Type in “cookie” in the search app
2) ADD/REMOVE SpyWares
Next uninstall the blatant crap on your system: Go to Add/Remove
Programs | look for applications like “search” or “accelerator” or
“optimizer”. Don't just arbitrarily remove stuff, only remove
stuff you know it crap. If you not sure, google it.
3) Get the TOOLS
Next download “adaware” its free on majorgeeks.com
Another good one is CWShredder and Hijackthis (use with great
caution. In fact, don't use it without reading up on it.)
4) USE SAFEMODE
Boot into safemode and use all your new found tools.
Safemode only runs your essential processes.
Get to safemode by rebooting and hitting “F8″ like crazy as computer starts to come up.

This should clean your system unless you have some very special Trojans
or RootKits on your system. If the problem is really bad you can
always back up your important data and reload Windows from scratch.

EXCLUSIVE: New security flaw in IE

elamb.security — Thu, 29 Sep 2005 22:29:23 +0000

The problem lies in the way Microsoft has implemented a JavaScript
component in its Web browser, security researcher Amit Klein wrote in a
research document. Internet Explorer does not validate some data fields
provided by a PC when the component, called XmlHttpRequest, is used, he
wrote.

This affects IE 6 (even with Window XP SP2). It can be thwarted by setting the security to “High.”

This just another example of how bad IE is and how vulnerable our
browser can be. Once again I recommend switching to Firefox.

Lets hope and pray that IE 7 is not as flawed as all previous versions of Internet Explorer.
read more | digg story

Some feeling on Windows

elamb.security — Sun, 25 Sep 2005 08:45:59 +0000

Windows Vista is the next version of the Windows operatings system.

I must admit, Microsoft has evolved greatly from one operation system
to the next from a security and functional perspective. Many
geeks complain about Windows and say that Linux is way better or that
the HATE Microsoft and Bill Gates (the Anti Christ), but 98% of those
geeks use Windows and many of those use it as their main box.

I like Windows 2000 on up. Sure there are issues but I can't use
a Linux box to play Age of Empires (or at least I don't think you can).

I love Linux but many times when I come home from work I just don't
feel like messing around with a computer for anything except
entertainment. I use my *nix OSes for testing, trouble shooting,
hacking and pentesting. My biggest issue with Windows (besides
Microsoft) is Internet Explorer… I really don't use it so I guess its
not that big of an issue. Hopefully, IE7 will be as good as
Firefox.

Official Longhorn Name is Windows Vista

elamb.security — Fri, 22 Jul 2005 20:24:22 +0000

The official new name for the Longhorn operating system is Microsoft Windows Vista.

I'm excited about Vista inspite of myself. I'm not fond of
Microsoft's relentless business practices, but I think they've got
pretty solid products (excluding Windows ME and other disasters).
They have the resources and skills to adjust to the ever changing tech
climate.

I.E is not one of my favorite browsers, its just leaves me too exposed,
but Windows has evolved quite nicely. All that is left is for
them to copy UNIX like OSX did and they will be untouchable like Eliot
Ness!

They should be releasing IE7 with Vista.

read more | digg story

IE7 will have antivirus/anti-phishing tech built in

elamb.security — Sun, 10 Jul 2005 07:40:09 +0000

Microsoft has detailed its forthcoming privacy and security plans, which incorporates antivirus technology from recently acquired Sybari, and enhanced anti-phishing software. “Anti-phishing will definitely be built in to IE 7,” said Brendon Lynch, senior privacy strategist at Microsoft.

Sounds cool. I'm really looking forward to the built in RSS features of IE7.

read more | digg story