Hi Bob, I believe this has been discussed in the recent news, as well as other security mailing lists, but in summary:
The following link details compromised/malicious web servers infecting end-users by exploiting unpatched vulnerabilities in IE browsers: http://isc.sans.org/diary.php?date=2004-06-25 The infection results in the installation of a keylogger, and various backdoors on end-users computers, which definitely has an impact on privacy of business information. "A large number of web sites, some of them quite popular, were compromised earlier this week to distribute malicious code. The attacker uploaded a small file with javascript to infected web sites, and altered the web server configuration to append the script to all files served by the web server. The Storm Center and others are still investigating the method used to compromise the servers. Several server administrators reported that they were fully patched. If a user visited an infected site, the javascript delivered by the site would instruct the user's browser to download an executable from a Russian web site and install it. Different executables were observed. These trojan horse programs include keystroke loggers, proxy servers and other back doors providing full access to the infected system. The javascript uses a so far unpatched vulnerability in MSIE to download and execute the code. No warning will be displayed. The user does not have to click on any links. Just visiting an infected site will trigger the exploit." More generally, and partly because of its wide-spread use today, IE is a main target of malware developers. While other browsers are not immune to security flaws, switching to another browser may significantly reduce the likelihood of a browser flaw being exploited. CERT recently recommended using a different web browser: http://www.theregister.co.uk/2004/06/28/cert_ditch_explorer/ http://www.us-cert.gov/current/current_activity.html#iis5 "There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites. Such a decision may, however, reduce the functionality of sites that require IE-specific features such as DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control, or the HTML rendering engine (MSHTML). " I hope this helps. Best Regards, Skander Ben Mansour -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yaakov Yehudi Sent: Thursday, July 08, 2004 7:59 AM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] How big is the danger of IE? I would be interested to hear just how big the danger of IE is. How could it affect the privacy of big business?, or any business for that matter? or what about the Government - could information leak from govenrment employees computers? They do something to stop that right? Bob Palliser __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html