Slashdot Mirror
IE Vulnerable to Cross-Browser Spyware Attack
An anonymous reader writes "The Register reports that Firefox can be used to infect IE on Windows. By visiting a malicious site with Firefox, a user can infect their install of Internet Explorer. Other alternative browers may expose the same vulnerability. The article quotes the CTO of ScanSafe as saying that '[j]ust switching away from IE does not give adequate projection. Now that Firefox and other alternative browsers have a toehold in the market the hacking community will get busy exploiting the vulnerabilities that exist in any complex browser.'" VitalSecurity's report points out that this vulnerability can (only) affect Windows users who use Sun's Java Runtime Environment.
However, I remain convinced that one or two unpatched holes in FF is still safer than surfing in IE.
Fortunately the responsibility for a patch rests with Sun Microsystems as much as Mozilla Foundation so there'll be one pretty soon.
A firewall ought to give additional protection in the meantime - normally I add a rule to my PCs to prevent IE from accessing the web under any circumstances and would encourage others to do likewise from now on, I guess.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
It's not enough to remove I.E. and whatever else program you are using from Microsoft.
Whatever MS-stuff is left will be enough to get you infected.
The ONLY solution is to change operating system.
I suggest Linux.
Had to be said.
I don't know the meaning of the word 'don't' - J
Shouldn't it read, "Alternative Browsers Vulnerable To Cross-Browser Spyware Attack?"
Now that we're seeing what happens when the same millions of clueless people run a safer browser, then the fault lies squarely on said users instead of the people who put it out.
My, how the times change.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo