Exactly - the "average" user runs a browser with Java and Adobe plugins. This gives a much greater scope for exploitation than any subtle differences between browsers. I'd worry far less about what browser they run, and far more about their user privs and ability to keep all of their software up to date. IE's smartfilter (is that what it's called? Can't remember!) blocks a lot of bad stuff and it's a great addition to the browser. I'm glad that it exists and the malicious software removal tool, etc. since there are so many users out there who never renew that 3 month free trial of AV that came from the OEM!
a -----Original Message----- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: 11 October 2011 05:36 To: NT System Admin Issues Subject: Re: AV and malware protection? On Mon, Oct 10, 2011 at 21:01, Ben Scott <mailvor...@gmail.com> wrote: <snip> > Now, > I regard ActiveX as a really bad idea to begin with -- allowing a web > page to push binary executables to my PC is *not* a good idea, IMO, Java, too. > and I think history would support me on this one -- but if you're > going to allow it, you need something a bit better than just requiring > a bit of crypto thrown at it. More reasonable would be denying > install to anything but Trusted Sites. If the user can't type the > site name that's a fair bet they shouldn't be installing it, one way > or the other. There are a number of other things, too, such as the > ability to run an EXE from the web in two clicks, or allowing scripts > to manipulate the browser window (Firefox does that too, I might add). Allowing anything running in a browser to write to disk or touch other running programs or other hardware is poor design, IMHO. But I'm a paranoid freak, and don't like computers, so what do I know... Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin