Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.
Kristensen chided Microsoft for not admitting the IE7 role in the
exploitation, saying it will lead to confusion among users and systems
administrators.
"For a long time Microsoft has had a policy of
tagging various vulnerabilities where IE was the primary or only attack
vector as operating system vulnerabilities. This does lead to some
confusion and may cause users and system administrators to view the
issues as less significant," said Kristensen.
"Again, while it may be correct from an organisational (and PR?) point
of view within Microsoft, this does not fit into how it is perceived by
users and administrators and how they are going to defend against
exploitation.
"In short, Secunia finds it necessary and reasonable to flag Internet
Explorer as being vulnerable if Internet Explorer provides a clear
direct vector to a vulnerable component, which is included by default
in a fresh clean install of Microsoft Windows.
"Hiding behind an explanation that certain vulnerabilities, which only
are exploitable through Internet Explorer, are to blame on Outlook
Express, Microsoft Windows, or other core Microsoft Windows components
seems more like a way to promote security of IE rather than standing up
and explaining the users where the true risk is and taking
responsibility for the vulnerabilities and risks in IE, which are
caused by IE being so heavily integrated with the underlying operating
system and other Microsoft components."
According to Kristensen, the vulnerability highlighted by the security
company in IE7 was underlined by the fact that it does not affect
browsers from vendors other than Microsoft.
"Firefox and Opera can't be exploited in a default configuration," said Kristensen.
"We have not seen any documentation or indications about other vectors
to this than IE. It is of course possible that other third party
applications (or Microsoft applications) use this functionality but
even if they did it isn't certain that it is possible to exploit it for
the same purpose as in IE."
David Bass
| For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
