[Eagle9]

I'm using Mozilla FireFox 0.9.1 as my browser. I took the browser test in the last paragraph. My browser passed the test with no problem. That leads me to believe that this version of FireFox was not vulnerable to this particular attack.

I have downloaded and installed the latest critical update from Microsoft for IE 6.0. My IE 6.0 browser did not pass this test.

Test your browser.

[mean lunch lady]

Makes me glad I have a Mac-

[Arkinsaw]

Mozilla 1.7 under Windows does not seem to be vulnerable.

[ShadowAce]

Browser Ping

[swilhelm73]

Hmm, even the previous Netscape Browser (7.1) is vulnerable...that is surprising.

[EGPWS]

As if to prove the point that security is like the Dutch boy at the dike,

Thank God I have taken more effective measures to alleviate my system from such concerns. (without giving up the usability given by IE)

[DeFault User]

I tried it with Opera 7.51 identifying itself as Mozilla. It failed.

However, when I try to open my bank account with Opera, it won't work if Opera identifies itself as Opera, only as Mozilla. Weird.

[Ethrane]

How do we know that "checking" our browser is safe?

I'm not the most computer savvy guy around..

[Eagle9]

Updated info Ping.

It seems to me that there is a contradiction in this article, or it's addressing two separate issues.

[octobersky]

"Test your browser."

Internet Explorer failed. Firefox passed.

[First_Salute]

Bump.

[suzyq5558]

Iam using mozilla 1.7 after dumping IE last week. I took the test and mozilla passed.

[backhoe]

---

Freepers how do I get rid of this spyware crap that is on my computer?

Worm and Virus Wars- the August Edition

 http://www.mozilla.org/products/firefox/

[Byron_the_Aussie]

Appreciate it, Eagle.

We've had Bill Gates out here this week, meeting with our Prime Minister. And all week I've been battling IE problems- the Byte.Verify trojan, Bloodhound, and CoolWebSearch. And I must have thought, at least ten times, 'go home, Gates. Just go home, and fix up the holes in your product.'

[Squantos]

Well I downloaded the update last night from MS , restarted the puter and this "test" still seems to show I'm vulnerable based on their "test" ?

I'm running Norton Pro, Spybot & Blaster, Ad-Aware, AVG and Zone alarm pro all up to date with latest and greatest..... ???

Suggestions ? I know buy a Mac or go with mozilla.......:o)

[Bush2000]

On Friday, however, the security vendor modified the alert to claim that virtually every browser, from Internet Explorer and Mozilla to Opera and Netscape -- including browsers for both Windows and the Mac OS -- has this flaw.

See, cretins? Don't say you weren't warned.

[Citizen of the Savage Nation]

Thanks for the post. I was running Mozilla 1.1, didn't know it was that old and it was vulnerable so I downloaded v1.7 and that solved the problem.

[DB]

Interestingly, IE failed the test but iRider passed using IE as its rendering engine...

[AnimalLover]

Thanks for posting this important information. I have just finished installing a crital patch from Microsoft.

Here's hoping!

[Future Useless Eater]

The update, which Microsoft tagged as “Critical,” isn't a patch per se, but rather an change to Windows that disables the ADODB.Stream object

FYI, the Internet Storm Center tested this latest Microsoft/IE 'fix' and found it inadequate to stop hackers...

"...even after 'ADODB.Stream' is disabled, it is still possible to launch programs on the users system without user interaction."

A related suggestion was distributed by security experts this week that could ALSO be of interest. They reiterate an MS security note (Microsoft Knowledge Base Article 833633) concerning the "Local Machine zone"...

For those of you that don't mind tinkering under the hood" of your computer such as to tighten ALL the security settings in every zone with: Control Panel --> Internet Options --> Security
MS announced a FIFTH security zone NOT shown in that tool with suggestions of tightening things THERE as well...
The control panel tool shows only these four zones:

• Trusted sites
• Local intranet
• Internet
• Restricted sites

The 5th (even higher level) zone is known as "Local Machine zone", and the MS article suggested it may be helpful for the security conscious, in some cases to even strengthen some security settings there.

"a malicious user may try to take advantage of the power of the Local Machine zone to elevate their permissions and to run arbitrary code on your computer."

Those zone settings can only be tweaked using the registry editor (regedit), and the changes do the following for the Local Machine zone:

• Disables ActiveX Controls and plug-ins
• Disables Active scripting
• Disables data sources across domains
• Disables Java

If any of you say "you no longer use IE", be aware that a Windows computer STILL HAS SEVERAL OTHER programs that venture out on the internet and can be at risk (Windows Media Player) for example. Shutting off these vulnerabilities helps security in those OTHER programs as well.

With the latest sophistication of trojans, worms, and virus, I recommend tightening EVERY security zone (there is practically no such thing as a 'trusted site' anymore, and even the 'Local intranet' zone is commonly corrupted).
Then install a non-MS browser and emailer if you haven't already.

[Musket]

bump for later.