http://www.computerworld.com.au/index.php?id=117316298&eid=-255
Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone’s hard disk without their knowledge, through a single click.
Worse, the holes were discovered from analysis of an existing link on the Internet, and a fully functional demonstration of the exploit has been produced and shown to affect even fully patched versions of Explorer.
It has been rated “extremely critical” by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted websites.
As I’ve been saying for a long time, IE simply has too many security issues to be trusted as an internet browser. Most of the issues are due to the Windows integration features. If you disable all that stuff, a lot of the fancy IE-only code on websites won’t work anyway. To make IE safe, you basically end up removing most of the proprietary stuff that other browsers like Mozilla and Opera don’t have. Might as well get a browser that has other features going for it, rather than a few tricks that have to be disabled for security issues.
I’ve heard that Opera 7.5 is pretty good, but it’s closed source adware. I personally prefer Mozilla’s open source approach, which brought about Firefox. FYI, Firefox used to be Firebird, which used to be Phoenix. Phoenix was started by someone else who took the source code to the Mozilla suite and shaved it down to just the browser stuff. It seemed to be such a good idea that the Mozilla team accepted it, and plans to move the Mozilla suite to a package of separate programs instead of one huge executable.
http://www.theregister.co.uk/2004/06/10/ms_inpatched_ie_flaw/ has more info on the vulnerability too. VirusScan did catch it as VBS/Psyme when I downloaded a copy of the exploit to examine. However, the harmless demo didn’t trigger any alerts, so I’m guessing that this specific exploit just happens to use an old payload – updating that script or using a different one would probably let it slip past virus scanners.