Headline FeedsTechNewsWorld Talkback
|
|
Re: ActiveX Bug Exposes Microsoft Access' Soft Underbelly
Posted by: Walaika Haskins 2008-07-10 07:01:55
See Full Story
Microsoft issued a warning Monday about targeted attacks attempting to exploit a bug in the ActiveX control for the Snapshot Viewer in its Access database management application. The ActiveX control for the Snapshot Viewer for Microsoft Access enables users to view a snapshot of an Access report without having the standard or run-time versions of Microsoft Office Access, Microsoft said. The vulnerability only affects ActiveX control for the Snapshot Viewer in Microsoft Office Access 2000, Microsoft Office Access 2002 and Microsoft Office Access 2003.
Nice article, good advice there.
What stunned me about it was the amount of "Set your internet zone in Internet Explorer" and "disable COM this or Scripting that"...
Yeah, sure, those are all excellent ideas... However, anybody still using Internet Explorer by choice is probably defiantly sitting there in their stupid-chair saying "Oh yeah sure, it'll never happen to me"
Everybody who cares at all about computer security switched to a proper browser (Opera, Firefox, Safari...) long ago. Let alone anybody who cared for the poor sucker whose job it is to make things "just work" in Internet Explorer.
Yes, so... Any reconfiguration of Virus Explorer is really only a symptomatic treatment. To solve the problem you have to stop using Internet Explorer and get a proper browser.
So what we have to do is tell our bosses "Look, IE is reducing our productivity and could allow a hacker to compromise our system" -- if you are half as good at your job as most people seem to think they are, then your boss will not sack you on the spot for making this suggestion.
This is not simply my personal opinion. IE is a hunk of junk, it's a simple fact. If your boss is skeptical that a bad browser can fly in the face of every security measure on the planet, cite the U.S. government's Computer Emergency Readiness Team and the Department of Homeland Security.
Idiot Explorer is for suckers. I'm not bashing Microsoft here. Hey, no way, I love Microsoft. Sure. Windows is excellent. It's amazing what a small team can accomplish.
But IE is a bad browser and if you have to use it at work I tell you this:
- Look for a new job, before your browser sends a malicious hacker all your sensitive information. Think about it, if the browser emails your accounts to a rival corporation and reveals all your trade secrets, who will get in trouble for that?
YOU WILL.
If I had to apply for a job tomorrow where I might be using the internet, I would be asking if I had to use Internet Explorer. It'd have to be a mighty big pay packet to make me comfortable with using such a dangerous, terrible, sloppy, buggy, infuriating product.
I like to make web apps for a hobby. Very simple, humble, basic things.
Back when I cared in the least what IE users thought of my stuff, I spent about 80% of my time just trying to work around bugs in IE.
Internet Explorer is disgusting.
So, back on topic... Rather than suggest that people work around the problem by spending hours tweaking settings in Internet Explorer, why not just tell them to download a proper browser in the first place and be done with it? What a waste of time.
Other than that (in fact, partly because of it, as knowing how to "secure" IE could be very useful) it was a very interesting article.
It even prompted me to register ;-) so thanks, once again.
What stunned me about it was the amount of "Set your internet zone in Internet Explorer" and "disable COM this or Scripting that"...
Yeah, sure, those are all excellent ideas... However, anybody still using Internet Explorer by choice is probably defiantly sitting there in their stupid-chair saying "Oh yeah sure, it'll never happen to me"
Everybody who cares at all about computer security switched to a proper browser (Opera, Firefox, Safari...) long ago. Let alone anybody who cared for the poor sucker whose job it is to make things "just work" in Internet Explorer.
Yes, so... Any reconfiguration of Virus Explorer is really only a symptomatic treatment. To solve the problem you have to stop using Internet Explorer and get a proper browser.
So what we have to do is tell our bosses "Look, IE is reducing our productivity and could allow a hacker to compromise our system" -- if you are half as good at your job as most people seem to think they are, then your boss will not sack you on the spot for making this suggestion.
This is not simply my personal opinion. IE is a hunk of junk, it's a simple fact. If your boss is skeptical that a bad browser can fly in the face of every security measure on the planet, cite the U.S. government's Computer Emergency Readiness Team and the Department of Homeland Security.
Idiot Explorer is for suckers. I'm not bashing Microsoft here. Hey, no way, I love Microsoft. Sure. Windows is excellent. It's amazing what a small team can accomplish.
But IE is a bad browser and if you have to use it at work I tell you this:
- Look for a new job, before your browser sends a malicious hacker all your sensitive information. Think about it, if the browser emails your accounts to a rival corporation and reveals all your trade secrets, who will get in trouble for that?
YOU WILL.
If I had to apply for a job tomorrow where I might be using the internet, I would be asking if I had to use Internet Explorer. It'd have to be a mighty big pay packet to make me comfortable with using such a dangerous, terrible, sloppy, buggy, infuriating product.
I like to make web apps for a hobby. Very simple, humble, basic things.
Back when I cared in the least what IE users thought of my stuff, I spent about 80% of my time just trying to work around bugs in IE.
Internet Explorer is disgusting.
So, back on topic... Rather than suggest that people work around the problem by spending hours tweaking settings in Internet Explorer, why not just tell them to download a proper browser in the first place and be done with it? What a waste of time.
Other than that (in fact, partly because of it, as knowing how to "secure" IE could be very useful) it was a very interesting article.
It even prompted me to register ;-) so thanks, once again.
