The security community is buzzing about another vulnerability in Internet Explorer, while Microsoft races to get a patch out the door. When somebody discovers a new way to break an Internet browser, the bad guys are now trying to exploit it immediately, the same day if possible, before a patch is issued. Here’s an article with details about this week’s attacks; a link by e-mail to a malicious web site can result in bad software being silently installed. Reportedly e-mails are circulating that purport to be links to online greeting cards.
Do I need to repeat the reminders? Oh, all right. Excerpted from the rules for safe computing: Follow links with carefree abandon to and from legitimate sites, but don’t click on links that arrive in spam e-mail, instant messages, web forums, or IRC chats, or that start from an untrustworthy web site. Be paranoid and surf carefully!
Presumably there will be snide references to the weakness of Internet Explorer and the virtues of other browsers. In the real world, Symantec’s “Internet Security Threat Report” for the first half of 2006 showed that Firefox had the most security vulnerabilities by far and the greatest increase in vulnerabilities, ahead of Internet Explorer, Safari, and Opera – all of which had their own vulnerabilities to report and patch. As always, every trip to the Internet requires prudence and caution, and every operating system and software program can be broken by bad guys. Be careful out there!