«

OK, I thought from reading the net I knew the truth: that IE is inferior
to Mozilla, Firefox and Opera in security ( e.g., the recent exploit on
IIS servers ). My cpu repair business friend swears that it was the IT
managers' fault that that exploit occurred. Am I missing something ?

steve h. wrote:
> OK, I thought from reading the net I knew the truth: that IE is inferior
> to Mozilla, Firefox and Opera in security ( e.g., the recent exploit on
> IIS servers ). My cpu repair business friend swears that it was the IT
> managers' fault that that exploit occurred. Am I missing something ?

There's something known as "security by obscurity." Basically this
applies to various mail applications, operating systems, browsers, etc.
Microsoft (M$) is the "big boy" on the block in most homes simply due
to shear marketing force. It stands to reason that attackers will seek
to break that which can cause the most damage. It's true that M$ has
many known security flaws in their software and they continually release
patches to meet those threats. It's also true that other software
vendors have security holes that go unchecked until the next version
simply because no one is bothering to exploit said holes - or shall I
say there aren't enough people using the software to make it worthwhile
to exploit the holes.

I said "etc." above because it isn't just limited to the software run on
computers. Take a look at
http://informationweek.securitypipel.../news/18902528 and learn more
about the "big name" in routing equipment and their recent flaws.

Later,
Doc S.

"steve h." <> wrote:

> OK, I thought from reading the net I knew the truth: that IE is
> inferior to Mozilla, Firefox and Opera in security ( e.g., the
> recent exploit on IIS servers ). My cpu repair business friend
> swears that it was the IT managers' fault that that exploit
> occurred. Am I missing something ?

http://www.us-cert.gov/current/current_activity.html

"Boomer" <Boomer__Baby_@invalid.invalid> wrote in message
news:40e6321c$0$173$ ews.net...
> "steve h." <> wrote:
>
>> OK, I thought from reading the net I knew the truth: that IE is
>> inferior to Mozilla, Firefox and Opera in security ( e.g., the
>> recent exploit on IIS servers ). My cpu repair business friend
>> swears that it was the IT managers' fault that that exploit
>> occurred. Am I missing something ?
>
> http://www.us-cert.gov/current/current_activity.html

so is it my understanding that if all those compromised IIS servers been
properly patched with the latest MS security patches, that this exploit
would have never happened ? I know that IE had that vulnerability in it.

In article <6SpFc.15778$ >, steve h.
<> wrote:

> OK, I thought from reading the net I knew the truth: that IE is inferior
> to Mozilla, Firefox and Opera in security ( e.g., the recent exploit on
> IIS servers ). My cpu repair business friend swears that it was the IT
> managers' fault that that exploit occurred. Am I missing something ?

Most of the danger seems to be in ActiveX components. If that is true,
then IE is more dangerous, but others also need to have ActiveX
features disabled. That will probably be easier and more consistent in
a non-Microsoft browser.

If it was the fault of IT managers, it's the fault of many hundreds of
them. These are not minor infrequent problems; they are about
widespread dangers hidden in messages, in server software, and in web
sites.

So once again, what is the simplest answer? That ActiveX is a bad idea
that should be disabled, or that administrators, browser publishers,
web sites and hosts, server packages, and all of those users are all at
fault for not being diligent enough?