Mozilla Downloads Rise Following US-CERT Recommendation to Drop IE

Friday July 2nd, 2004

Wired News is reporting that Mozilla downloads have surged following advice from the US Computer Emergency Readiness Team (US-CERT) to avoid Internet Explorer for security reasons. Download numbers approximately doubled in the days following the US-CERT recommendation, which was made in the form of an update to an earlier vulnerability note and comments to the press. US-CERT is a partnership between the United States Department of Homeland Security — the government organisation set up in the wake of September 11th to prevent terrorist attacks — and the public and private sectors.

US-CERT's advice follows last week's outbreak of the Download.Ject virus, which exploited a number of holes in Microsoft's IIS Web server and Internet Explorer to install a password-stealing trojan horse on Web surfers' computers. Microsoft patched some of the flaws before the outbreak occurred and today released another update that protects against the vulnerability by way of a configuration change (though the underlying problem has not been fixed). Windows users should hotstep it to Windows Update (must be visited using IE) to install the patch, regardless of whether they use Internet Explorer as their default browser.

#27 Re: Privacy Settings

by mlefevre

Saturday July 3rd, 2004 5:12 AM

You are replying to this message

Blocking non-session cookies will break a lot of sites. Pop-up blocking is active by default I think.

How would you define "known malicious sites"? If you're going to block access to stuff by default, you need to be able to back that up, both legally and in PR terms. Also malicious sites tend to move around, so to be effective you'd really need some way of updating the list.

And which anonymous proxies? Again, if you're going to a supply a list that will be used by hundreds of thousands of people, and which will last for a long time, you'll need to have a formal arrangement with officially available proxies. Also not something that everyone is going to want.

There's probably a market for this kind of thing, but it might be better supplied as a custom build, or as extensions.