Security experts warn against false sense of IE7 security

Powered by SC Magazine
 

Microsoft browser is blood in the water for hackers.

New browser, new meat for hackers! That's the message security firms are starting to give out as users download and install the new Internet Explorer 7.

The new browser has a stack of new features that will help bring it back on par with Firefox, including tabbed windows, integrated search and RSS feed manager.

But while there are also new security features – clearer signposting of secure sites and a new badge system to alert you to phishing sites – the overall security of the product itself is now under severe scrutiny.

Already, less than 24 hours after launch, Danish security firm Secunia has issued a vulnerability warning of a URL redirection error that allows hackers to access documents served from other websites.

One source told vnunet.com that users will need to be vigilant about the software and install patches as quickly as possible.

"A new version of Internet Explorer is pretty much blood in the water for hackers, so getting new patches out is imperative," he said.

Stephan Glathe, CTO of system management supplier Enteo Software, warned: "Although companies can use the auto-update tools supplied with Microsoft programs, relying on users to activate them can be risky - most users will forget from time to time. This results in a patchwork of updates and fixes across the business, which makes it exceedingly difficult to keep track of what has been applied where."

Glathe added that recent research from McAfee shows that 45 percent of European companies do not prioritise which security patches are applied to their systems.

"Many companies also still rely on manual methods to apply these patches, which is both time consuming and inefficient. Unless a comprehensive distribution system is in place can speedily prioritise and implement distribution, whilst recording exactly which PCs have been patched, companies are still at risk."

Copyright ©v3.co.uk


Security experts warn against false sense of IE7 security
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1783

Vote
Do you support the abolition of the Office of the Information Commissioner?