If you're on Windows and your system isn't fully up to date, you're hosed. You're not sort of hosed. You're not kind of hosed. You're fully hosed.
Spyware and adware is not just something that clueless downloaders get. It's something that vulnerable IE systems get via exploits. Get your patches and get on Firefox.
Posted by asa at November 24, 2004 11:10 PMAnd whatever platform you're on, you could be hosed by the "Sun Java Plugin Arbitrary Package Access Vulnerability" (http://www.idefense.com/application/poi/display?id=158).
Solution is to install JRE 1.5.0 (don't even bother with updating to 1.4.2_06) from http://java.sun.com/j2se/1.5.0/download.jsp
Posted by: Phil Randal on November 25, 2004 02:16 AMAlso read:
http://gemal.dk/blog/2004/11/25/who_profits_from_security_holes/
This guy visits ONE page with Internet Explorer and gets 16 distinct programs installed!
Check out the video. I'm kind of scary!
Posted by: Henrik Gemal on November 25, 2004 04:45 AMFront page news (!) on probably Sweden's largest online news site today:
http://www.aftonbladet.se/
"Warning for Internet Explorer"
Subtitle: "Do not use Internet Explorer". :-)
Apparently, there's a new worm "Bofra" that caused these news. Must say unexpectedly big headlines for an IE vulnerability, but as alternative browsers and IE's problems has gained a greatly increased attention the past year it seems like mainstream news are finally catching on.
Posted by: Jugalator on November 25, 2004 01:55 PMbtw, actual article in case anyone is interested:
http://www.aftonbladet.se/vss/it/story/0,2789,566877,00.html