Mozilla Downloads Rise Following US-CERT Recommendation to Drop IE

Friday July 2nd, 2004

Wired News is reporting that Mozilla downloads have surged following advice from the US Computer Emergency Readiness Team (US-CERT) to avoid Internet Explorer for security reasons. Download numbers approximately doubled in the days following the US-CERT recommendation, which was made in the form of an update to an earlier vulnerability note and comments to the press. US-CERT is a partnership between the United States Department of Homeland Security — the government organisation set up in the wake of September 11th to prevent terrorist attacks — and the public and private sectors.

US-CERT's advice follows last week's outbreak of the Download.Ject virus, which exploited a number of holes in Microsoft's IIS Web server and Internet Explorer to install a password-stealing trojan horse on Web surfers' computers. Microsoft patched some of the flaws before the outbreak occurred and today released another update that protects against the vulnerability by way of a configuration change (though the underlying problem has not been fixed). Windows users should hotstep it to Windows Update (must be visited using IE) to install the patch, regardless of whether they use Internet Explorer as their default browser.

#49 Re: Re: You mean there is no way to turn off IE???

by bogado

Monday July 5th, 2004 2:33 AM

You are replying to this message

There is always a chance that the rendering engine would be called by some local document, received by email or some other mean. While it is loaded into memory and tightly integrated into the windows shell there is a chance of problems. If it is there it is adding to the complexity of the system, and the more complex the system is the harder it is to protect it.