RSS Archive Contact Us Advertise

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > A Safer Way To Browse The Internet
Search:
[ insider_reports_insider ]

A Safer Way To Browse The Internet



Jeremy L. Muncy
Staff Writer
2004-11-09

SecurityProNews: Insider Reports Insider Reports RSS Feed


Just shy of two years development, well over 8 million preview-downloads, and numerous name changes Firefox 1.0 has been officially released.

Putting Security Risks On Lockdown...
Putting Security Risks On Lockdown...

Firefox, based on the Mozilla Foundation's open-source development work, was ready for people to download at 1 am PST Tuesday.

"Our browser is moving into the mainstream," said Mitchell Baker, president of the nonprofit Mozilla Foundation, based in Mountain View, Calif. "Being an alternative browser in today's market is a challenge, but people have begun to realize that the browser matters, that the browser you get with your computer can be a beginning point and not an endpoint."

Mozilla owes a large portion of their success to a steady stream of Internet Explorer issues with security & spyware. Browsers face security bugs, but IE seems like it has a huge target on its back. Almost weekly you hear of a new security bug targeting IE users.

"We're seeing the natural ebb and flow of a competitive marketplace," said Gary Schare, Microsoft's director of product management for Windows, professing indifference in response to a question about Firefox's apparent market inroads. "Curious early adopters are trying it out, and frankly we're happy they're trying it out on Windows. We believe that IE is the best browser out there, but we're happy to have (Firefox users) on the Windows platform."

The Computer Emergency Readiness Team (CERT), a division of Homeland Security, issued an advisory suggesting that Internet users consider ditching IE and go with one of their competitors. Independent groups have launched their own campaigns urging Web surfers to consider alternative browsers.

New MyDoom Spreads Using Internet Explorer. A newly discovered security vulnerability in Microsoft's Internet Explorer allows a variant of the MyDoom virus infect a PC after the user clicks on a link.

The companies said they had only detected a few instances of the infector, which is labelled MyDoom.AG by McAfee and MyDoom.AH by Symantec.

"We have only received one submission from the field, but the technical aspects of this are concerning," said Craig Schmugar, senior virus research manager at McAfee. "It has all the components there to become a significant virus."
The virus uses a flaw to execute malicious code on the victim's computer, infecting the system. The virus harvests e-mail addresses on the compromised system, sends out mail to spread the virus further, sets up a Web server and attempts to contact several Internet relay chat (IRC) servers as a way to notify the virus's creator of that a new system has been compromised.

"As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources," said Microsoft in a statement sent to CNET News.com. "In addition, we continue to encourage customers follow our 'Protect Your PC' guidance of enabling a firewall, getting software updates and installing antivirus software."

Flaw In Norton Anti-Virus Software. A vulnerability in the Norton AntiVirus software could allow malicious scripts to infect a machine if the user has admin rights, as most PC's located at home do.

Security researcher Dan Milisic, who discovered the vulnerability in October, told ZDNet Australia that Symantec is "missing the point" and trying to "mislead" its customers because Norton AntiVirus 2005 is an application designed for consumers, the majority of whom run their computers with administrator rights.

"They're not saying my code doesn't work because they can't -- it does. They can however choose to completely miss the point. Norton AntiVirus is aimed at the Home and SOHO market. There is a separate product for corporate protection. By default, in the Windows XP OOBE (Out Of Box Experience) users are administrators," Milisic said.

To further demonstrate the flaw Milisic created a small "movie" of his script in action. "Putting this together was pretty simple and worth the effort to properly address Symantec's response. I will let the presentation speak for itself," he added.


About the Author:
Jeremy Muncy is the editor of http://www.SecurityProNews.com.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - 1998-2008 All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds