How to make IE 6 more secure?

[john avery]

When Mosaic Netscape (the granddaddy of Mozilla) was the most popular

browser, and everything else was a distant second, guess which browser was
the main target of the bad guys?

I started out webbing with Netscape. I think around version 3 maybe
don't remember. Never had a problem with it. Then once the steaming
pile called Netscape Communicator came out, I switched to IE 5, a better
browser then. Now, I think that is Firebird without a doubt. Security
reasons aside even, tabbed browsing and mouse gestures are 2 extentions
I can't live without. As well as built in popup blocking. Think
you'll get all this with a future version of IE? Not unless you upgrade
to MS's new OS that isn't even out yet.
--

-john

please remove the word "NOSPAM" from my email address if you wish to
reply privately.

 

[Richard Steven Hack]

Chuck, I too ran the Browser Security Test (on IE6, with all patches etc.
applied) however "I" received different results (on WinME):

Browser Security Test Results
Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0

Was your copy of IE6 updated to incl each and every patch etc.? I don't
understand why you received such different results, unless it has something
to do with the differences in your OS and mine (and besides the basics, I'm
certainly not all that 'up' on computers).

Just for giggles, I ran the test with my Opera 7.11 with the following
results:
The Browser Security Test is finished. Please find the results below:
High Risk Vulnerabilities
0
Medium Risk Vulnerabilities
2
Low Risk Vulnerabilities
1

The two Medium Risj Vulnerabilities are:

Microsoft Internet Explorer document.write() Zone Bypass Vulnerability
(bid6017)

and

Microsoft Internet Explorer file:javascript: Cross Domain Scripting
Vulnerability (ldy20030910-01)

and the Low Risk Vulnerability was:

305 Use Proxy Redirect Vulnerability (moz187996)

to which they specifically state Mozilla and Opera are vulnerable -
and Opera has no fix available yet.

The Cross Domain Scripting Vulnerability has no fix for it either from
Microsoft according to the test site Web page (don't know if this is
current).

The other Medium Vulnerability doesn't sound terribly risky.

The test site's statistics are interesting:

Total tests finished
178527
Tests that found high risk vulnerabilities
67682
Tests that found only medium or low risk vulnerabilities
46561
Tests that found only low risk vulnerabilities
6203
Tests that found no vulnerabilities
58081

Browsers:
Internet Explorer
144782
Mozilla and Mozilla-based browsers
21291
Opera
9854
Other browsers
2600

 

[Rick]

Browsers:
Internet Explorer
144782
Mozilla and Mozilla-based browsers
21291
Opera
9854
Other browsers
2600

Interesting. Only 81% of the visitors are using IE instead of the usually
touted number of 90+%. I suppose that could be due to the subset of web
users who are most likely to find that site in the first place. Or it
might indirectly comment on how IE is viewed by people who are more
interested in security than the net population in general.

 

[null]

Interesting. Only 81% of the visitors are using IE instead of the usually
touted number of 90+%. I suppose that could be due to the subset of web
users who are most likely to find that site in the first place. Or it
might indirectly comment on how IE is viewed by people who are more
interested in security than the net population in general.

I think Opera is easily set by the user to appear to the web site as
IE or Netsacape. I never trust those web site count numbers. But one
thing I'm pretty sure of. We are winning! The so called browser wars
are just beginning. Moz rulez!!


Art
http://www.epix.net/~artnpeg