[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] IE is just as safe as FireFox
- To: "Rafel Ivgi, The-Insider" <theinsider@xxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>, <Colin.Scott@xxxxxxxxx>
- Subject: RE: [Full-Disclosure] IE is just as safe as FireFox
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Fri, 12 Nov 2004 09:09:50 -0600
He can buy a product..or do a super fast rollout of SP2..but why should
he? Microsoft should write better products...period. Everytime a Firefox
exploit comes out..there is already a fix...is that magic? No..it is
good coding...
> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of
> Rafel Ivgi, The-Insider
> Sent: Friday, November 12, 2004 8:09 AM
> To: full-disclosure@xxxxxxxxxxxxxxxx; Colin.Scott@xxxxxxxxx
> Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
>
> If you do have 14000 machines why don't you buy "Finjan's
> Vital Security For Web"?
> It will filter all malicious I.E exploits for all its
> surfers(its a proxy, quite fast...)
>
> Or just use SUS(system update server (microsoft)) just like
> any other administrator... to install sp2 or to just replace
> the c:\windows\system32\shdocvw.dll with the patched one or
> with sp2 one...
>
> Rafel Ivgi, The-Insider
> Security Consultant
> Malicious Code Research Center (MCRC)
> Finjan Software LTD
> E-mail: rivgi@xxxxxxxxxx
> ---------------------------------
> Prevention is the best cure!
> ----- Original Message -----
> From: <Colin.Scott@xxxxxxxxx>
> To: <full-disclosure@xxxxxxxxxxxxxxxx>
> Sent: Friday, November 12, 2004 12:46 PM
> Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
>
>
> Oh yeah, I've got 14,000 Windows 2000 machines to update to
> windows XP SP2,
> hang on wheres that CD?
>
> So thanks for your infinate wisdom there Rafel.
>
> Colin.
>
>
>
>
>
>
>
>
>
>
> "Rafel Ivgi,
> The-Insider"
> <theinsider@xxxxx To
> et.il> <full-disclosure@xxxxxxxxxxxxxxxx>
> Sent by: cc
> full-disclosure-a
> dmin@xxxxxxxxxxxx Subject
> .com Re: [Full-Disclosure] IE is just as
> safe as FireFox
> 12/11/2004 06:44
>
>
>
> That is incorrect, there is a fix --> SP2.
> Users should use the latest updated system, meaning if there
> is an SP2,
> they
> should install it.
>
>
> Rafel Ivgi, The-Insider
> Security Consultant
> Malicious Code Research Center (MCRC)
> Finjan Software LTD
> E-mail: rivgi@xxxxxxxxxx
> ---------------------------------
> Prevention is the best cure!
> ----- Original Message -----
> From: "Martin Mkrtchian" <dotsecure@xxxxxxxxx>
> To: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
> Cc: "Mailing List - Full-Disclosure"
> <full-disclosure@xxxxxxxxxxxxxxxx>;
> <ring-of-fire@xxxxxxxxxxxxxxx>
> Sent: Friday, November 12, 2004 3:03 AM
> Subject: Re: [Full-Disclosure] IE is just as safe as FireFox
>
>
> > They should've at least released that statement after they
> fixed the
> > IE FRAME vulnerability. 0 day exploit is in the wild and no fix for
> > it, yet they claim its secure enough.
> >
> > If the programmers are as smart as the company press
> releasers, I can
> > see why I.E. still sux.
> >
> >
> > Martin
> >
> >
> > On Thu, 11 Nov 2004 15:59:20 -0600, Todd Towles
> > <toddtowles@xxxxxxxxxxxxxxx> wrote:
> >> Microsoft's security and mangement product manager (Ben English)
> says...
> >>
> >> At a security roundtable discussion in Sydney on
> Thursday, Ben English,
> >> Microsoft's security and management product manager, told
> attendees
> that
> >> IE undergoes "rigorous code reviews" and is no less
> secure than any
> >> other browser.
> >>
> >> "Because IE is ubiquitous, you hear a lot more about it,
> but I don't
> >> think that Internet Explorer is any less secure than any
> other browser
> >> out there," English said.
> >>
> >>
> http://news.com.com/Microsoft+says+Firefox+not+a+threat+to+IE/
> 2100-1032_
> >> 3-5448719.html?part=dht&tag=ntop&tag=nl.e433
> >>
> >> Can anyone say IFRAME? Lol
> >>
> >> -Todd
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.netsys.com/full-disclosure-charter.html
> >>
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
>
>
>
> **************************************************************
> ************************
>
> This e-mail is confidential and may contain privileged
> information. If you
> are not the addressee or if you have received the e-mail in
> error, it may
> be unlawful for you to read, copy, distribute, disclose or
> otherwise use the
> information which it contains. Under these circumstances,
> please notify
> us immediately by returning this mail to
> 'mailerror@xxxxxxxxx' and deleting
> this e-mail from your system.
>
> Any views expressed by an individual within this e-mail do
> not necessarily
> reflect the views of Cadbury Schweppes Plc or its
> subsidiaries. Cadbury
> Schweppes Plc will not be bound by any agreement entered into
> as a result
> of this email, unless its intention is clearly evidenced in
> the body of the
> email.
> Whilst we have taken reasonable steps to ensure that this e-mail and
> attachments are free from viruses, recipients are advised to
> subject this
> mail
> to their own virus checking, in keeping with good computing
> practice. Please
> note that email received by Cadbury Schweppes Plc or its
> subsidiaries may be
> monitored in accordance with the prevailing law in the United Kingdom.
>
> **************************************************************
> ************************
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html