FTP Bug Leaves IE Users Vulnerable
Security researchers say that a previously patched IE 6 bug can still be exploited.
Robert McMillan, IDG News Service
Wednesday, March 12, 2008 6:15 AM PDT
A flaw in the way Microsoft's Internet Explorer browser processes FTP commands could let attackers steal or erase data from a victim's FTP site.
The bug, which affects users of IE 6 and the unsupported IE 5 browser, gives an attacker a way of hijacking the victim's FTP sessions. But a successful attack would be very hard to pull off and would only work in very precise, targeted attacks, security experts said. [...]
This news blurb comes to me today after I received notice at work yesterday that we are not to install Firefox (called "foxfire" in the email). This is due to there being "no support model" and therefore "there could be vulnerabilities that are not addressed".
Uh? No support model? Then what is support.mozilla.com
? Sounds like someone in IT has been drinking the Microsoft Kool-Aid. The kicker is that it is okay to use Firefox if you are a Linux/Unix user.
FUD = fear, uncertainty, and doubt.