Re: Internet Explorer 7.0 - Don't Download it!!!!

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Thanks Jan Il, was just wondering what people around here thought.
I'll be popping by again soon so if anyone has anything else to add, i'd be
glad to hear it.

Thanx again cya around :)


"Jan Il" wrote:

Hi flashcash5 :-)

I have both installed. I tried both. I only use IE6. FF is only installed
now as a backup. No matter which browser you decided to use on a regular
basis, if you have Windows as your OS, you will need to use IE6 for updates.

Check the information here:

Courtesy of PA Bear -

<paste>
Netscape 7.x, Konqueror 3.x, Opera 7.x, Safari 1.x, Microsoft Internet
Explorer 5.01/5.5/6, Mozilla 0.x, Mozilla 1.0, Mozilla 1.1, Mozilla 1.2,
Mozilla 1.3, Mozilla 1.4, Mozilla 1.5, Mozilla 1.6, Mozilla 1.7.x,
Mozilla *Firefox* 0.x,
Mozilla *Firefox* 1.x

The problem is that a website can inject content into another site's
window if the target name of the window is known. This can e.g. be
exploited by a malicious website to spoof the content of a pop-up window
opened on a trusted website.

Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

Notes:
- The vulnerability has been confirmed in Mozilla 1.7.3 and Mozilla
*Firefox* 1.0. Other versions may also be affected.
- The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.
- The vulnerability has been confirmed in Safari version 1.2.4. Other
versions may also be affected.
- The vulnerability has been confirmed in Opera version 7.54. Other
versions may also be affected.
- The vulnerability has been confirmed in Konqueror version 3.2.2-6.
Other versions may also be affected.
- The vulnerability has been confirmed in Netscape 7.2. Other versions
may also be affected.

Solution: Do not browse untrusted sites while browsing trusted sites.

Netscape: http://secunia.com/advisories/13402/
Opera: http://secunia.com/advisories/13253/
Mozilla/Firefox: http://secunia.com/advisories/13129/
IE: http://secunia.com/advisories/13251/
Konqueror: http://secunia.com/advisories/13254/
Safari: http://secunia.com/advisories/13252/
/paste>

You can judge for yourself which you'd rather use as your primary browser.

Hope this helps.

Jan :)
MS MVP - Windows IE/OE [DTS/AumHa]
Smiles are meant to be shared,
that's why they're so contagious.

Replies are posted only to the newsgroup for the benefit or other readers.
How to make a good newsgroup post:
http://www.dts-l.org/goodpost.htm


So, if i want the best secure IE version, i should stick with 6 and apply
all
Windows updates? It appears my PC went crazy as a result of a recent IE
exploit. I'm looking into other options so need advice on this, mabye
firefox.

Does anyone have any advise/links/comparisons on this?

Thanks

"Gary Ryan" wrote:

I received an email that IE 7.0 beta version 2 was available for
download. I
downloaded it and it looked good. Then I went to the Update site to see
if
there were updates. I hit errors and it had to close. After it closed it
would not reopen.

I tried to go into the Control Panel and take it off my PC. I did; but
then
IE 6.0.29 would not open. Some add-on could not find a file, probably the
update add-on from Microsoft.

I called the Microsoft Help Line and they said they would have to charge
me
for technical assistance because they do not support their own beta
versions,
even when the beta version is what causes a meltdown. They said to
contact
the OEM or pay them.

Therefore, I will not longer be a beta tester for Microsoft. Not only do
beta tester not get paid, as the participants in the usability studies;
but,
when there are problems with their beta software, Microsoft charges you
money
for the fix. Plus, all of your time and effort.





.

Relevant Pages

  • SecurityFocus Microsoft Newsletter #176
    ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows XP HCP URI Handler Arbitrary Command Execu... ... PHPNuke Category Parameter SQL Injection Vulnerability ... Microsoft Baseline Security Analyzer Vulnerability Identific... ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #83
    ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft IIS CodeBrws.ASP Source Code Disclosure Vulnerability ... Microsoft Internet Explorer History List Script Injection ... Microsoft Windows 2000 Lanman Denial of Service Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #242
    ... MICROSOFT VULNERABILITY SUMMARY ... PostNuke Blocks Module Directory Traversal Vulnerability ... Groove Networks Groove Virtual Office COM Object Security By... ... The Microsoft Windows IPV6 TCP/IP stack is prone to a "loopback" condition initiated by sending a TCP packet with the "SYN" flag set and the source address and port spoofed to equal the destination source and port. ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #44
    ... Subject: SecurityFocus Microsoft Newsletter #44 ... MS Visual Studio RAD Support Buffer Overflow Vulnerability ... Microsoft Windows 2000 SMTP Improper Authentication Vulnerability ... Microsoft Windows 2000 Telnet Multiple Sessions DoS Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #77
    ... MICROSOFT VULNERABILITY SUMMARY ... Novell GroupWise Web Root Disclosure Vulnerability ... Microsoft Windows NT Security Policy Bypass Vulnerability ... CVS Server Global Variable Denial Of Service Vulnerability ...
    (Focus-Microsoft)