Internet Explorer poses security risk
A senior panel of internet experts issued a stark
warning over Microsoft's Internet Explorer web browser, which they described as
having "significant vulnerabilities in technologies." The group advised people
to switch to a different browser.
"To keep on using IE is like playing the lottery.
You're hoping the sites you visit aren't compromised," warned Johannes Ulrich,
chief technology officer for the Sans Internet Security Centre in the US. In
just the last week, security experts have found criminals exploiting two
separate vulnerabilities in IE. The first vulnerability, called "Download.JECT,"
silently redirects the browser to a Russian website where is downloads softwaret
hat monitors keystrokes and sends out spam. "The number and seriousness of the
vulnerabilities is now getting past a joke," complained Neil Barrett, security
consultant of Information Risk Management. "Some of things that can be done to
it are really powerful from the hacker's point of view. There are presently more
than 30 attacks that it's vulnerable to which haven't been fixed by Microsoft."
Other vulnerabilities in IE include
pop-up adds that can silently download and install Trojans that monitor whether
banking sites are visited and then log keystrokes; "phishing" related attacks
that use hide malicious internet addresses to try to sucker unsuspecting PC
users into providing important information to criminals; and the ability to
change the computers' internet settings to dail a premium-rate number to porn
sites.
Posted: Sun - July 4, 2004 at 09:31 PM