Security experts warn against false sense of IE7 security

Powered by SC Magazine
 

Microsoft browser is blood in the water for hackers.

New browser, new meat for hackers! That's the message security firms are starting to give out as users download and install the new Internet Explorer 7.

The new browser has a stack of new features that will help bring it back on par with Firefox, including tabbed windows, integrated search and RSS feed manager.

But while there are also new security features – clearer signposting of secure sites and a new badge system to alert you to phishing sites – the overall security of the product itself is now under severe scrutiny.

Already, less than 24 hours after launch, Danish security firm Secunia has issued a vulnerability warning of a URL redirection error that allows hackers to access documents served from other websites.

One source told vnunet.com that users will need to be vigilant about the software and install patches as quickly as possible.

"A new version of Internet Explorer is pretty much blood in the water for hackers, so getting new patches out is imperative," he said.

Stephan Glathe, CTO of system management supplier Enteo Software, warned: "Although companies can use the auto-update tools supplied with Microsoft programs, relying on users to activate them can be risky - most users will forget from time to time. This results in a patchwork of updates and fixes across the business, which makes it exceedingly difficult to keep track of what has been applied where."

Glathe added that recent research from McAfee shows that 45 percent of European companies do not prioritise which security patches are applied to their systems.

"Many companies also still rely on manual methods to apply these patches, which is both time consuming and inefficient. Unless a comprehensive distribution system is in place can speedily prioritise and implement distribution, whilst recording exactly which PCs have been patched, companies are still at risk."

Copyright ©v3.co.uk


Security experts warn against false sense of IE7 security
 
 
 
Top Stories
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  22%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 303

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  59%
 
No
  41%
TOTAL VOTES: 114

Vote