ActiveX is the source of almost all IE browser malicious code. A better
solution is to turn ActiveX to prompt and educate the user only to say
yes on known web sites.
-Bill
-----Original Message-----
From: Harlan Carvey [mailto:keydet89 (at) yahoo (dot) com [email concealed]]
Sent: Friday, April 30, 2004 12:29 PM
To: Andy Pham; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: IE questions
Andy,
It doesn't sound as if you need to go w/ everything,
maybe just ActiveX.
Do you have A/V software installed and updated on your
user's systems? How about IDS and egress filtering on
the infrastructure? These are some things that can
help mitigate some of the risk...
--- Andy Pham <apham2575 (at) hotmail (dot) com [email concealed]> wrote:
> Hello,
>
> I'm not sure if my first email went thru or it's
> stuck somewhere because of
> the wrong email address. Anyway, we're currently
> blocking ActiveX,
> JavaScript and active scripting in IE. It has been
> working ok for us, but
> we heard a lots of complains because the users
> couldn't get to the sites
> that require ActiveX turn on (most of commercial
> sites). So my questions
> are
>
> What are the risks of turn everything on in IE? Is
> staying current with
> service packs help? Is there any work around if we
> decide to keep
> ActiveX...off? Any suggestions are appreciated.
>
> AP
>
> p.s: And I don't want to go with Mozilla browser....
>
>
_________________________________________________________________
> Stop worrying about overloading your inbox - get MSN
> Hotmail Extra Storage!
>
http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1/go/onm00200362
ActiveX is the source of almost all IE browser malicious code. A better
solution is to turn ActiveX to prompt and educate the user only to say
yes on known web sites.
-Bill
-----Original Message-----
From: Harlan Carvey [mailto:keydet89 (at) yahoo (dot) com [email concealed]]
Sent: Friday, April 30, 2004 12:29 PM
To: Andy Pham; focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: IE questions
Andy,
It doesn't sound as if you need to go w/ everything,
maybe just ActiveX.
Do you have A/V software installed and updated on your
user's systems? How about IDS and egress filtering on
the infrastructure? These are some things that can
help mitigate some of the risk...
--- Andy Pham <apham2575 (at) hotmail (dot) com [email concealed]> wrote:
> Hello,
>
> I'm not sure if my first email went thru or it's
> stuck somewhere because of
> the wrong email address. Anyway, we're currently
> blocking ActiveX,
> JavaScript and active scripting in IE. It has been
> working ok for us, but
> we heard a lots of complains because the users
> couldn't get to the sites
> that require ActiveX turn on (most of commercial
> sites). So my questions
> are
>
> What are the risks of turn everything on in IE? Is
> staying current with
> service packs help? Is there any work around if we
> decide to keep
> ActiveX...off? Any suggestions are appreciated.
>
> AP
>
> p.s: And I don't want to go with Mozilla browser....
>
>
_________________________________________________________________
> Stop worrying about overloading your inbox - get MSN
> Hotmail Extra Storage!
>
http://join.msn.com/?pgmarket=en-us&page=hotmail/es2&ST=1/go/onm00200362
ave/direct/01/
>
>
>
------------------------------------------------------------------------
---
>
------------------------------------------------------------------------
---
>
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]