|
Question
I am wondering what about [security] in Internet Explorer, and [how to] make sure to use it with the security level set to "high",Ý and make
sure to install patches right away,Ý instead of switching to Firefox.ÝÝ By running with the security level at "high"
(instead of the default "medium"), I think,Ý from my limited understanding,Ý it basically turns off the various
things (such as the ActiveX controls and scripting languages that you refer to) that Internet Explorer is vulnerable to. That is what I have been doing,Ý and then when I want
to visit a site that utilizes something that is not possible to view with a "high" security setting ,Ý if I trust that site,
I add it to my list of "trusted sites", which enables me to view the item, but on that site only, because the
"trusted sites" are at a security setting of "low".Ý This is what was recommended to me by a staff member of the U.S.
Computer Emergency Response Team (CERT) in an e-mail exchange I had with him when Service Pack 2
came out.
[Can] a person that runs their computer with the security level set to "high"
(except on trusted sites) and is vigilant about applying patches when they are issued by Microsoft,Ýbe safe?Ý
— A viewer
Answer
A "Tech Talk" staff member responded:
The individual that you corresponded with from US-CERT was merely
expressing their opinion of the situation presented to them. If you read the material on their website they
never commit to a specific browser. Below are two links from their site. Both pages include information on
multiple browsers with out committing to a specific one. I don't think it would be wise for the US government
to promote one product over another to the general public. What you received was advice from one individual and
someone else within the organization might have given you a different answer.
http://www.uscert.gov/cas/tips/ST05-001.html
http://www.uscert.gov/cas/tips/ST04-022.html
I have multiple reasons for preferring Firefox to IE. While increasing
the security settings in IE will help to protect you against the automatic execution of code such as ActiveX and
Java, it will not protect you from the ways that IE handles things such as HTML or XML,
which are the languages the world wide web is founded on. Here are two known issues that altering security settings will not fix.
http://www.microsoft.com/technet/security/Bulletin/MS04-023.mspx
http://www.microsoft.com/technet/security/Bulletin/MS04-028.mspx
Patch management is a very good way to protect yourself. It will not
work in scenarios where a malicious coder has found the vulnerability
before Microsoft has handled it. Sadly this is sometimes the case.
My conclusion to use Firefox, instead of IE, is based off of IE's
track record in terms of vulnerabilities found. The transition to Firefox requires a minimal amount
of work on the part of the user. This can save them a lot of headaches and money involved in removing spyware
and viruses from their machine that was using a historically vulnerable product. As with any area of specialty,
experts may have differing opinions. You are welcome to follow whomever's you choose.
Sincerely,
Tech Talk Staff
|
|
|
| |
|
|
|
