我们是电机系的成员，还是注意一下电脑浏览器IE容易被入侵的危险比较好 （这也算是电机专业能力的一种）。 这已经是快两个月前的旧闻了，但是我前不久还是发现有电机系所的高年级学生 还不知道此事，还在用IE上网浏览，所以我把此文贴上来提醒大家，德法政府都已经 向大众警告IE的安全漏洞与危险了，这篇报导完以後也有其他国家的政府在跟进警告了。 如果你还在用IE上网浏览，赶快换一种浏览器吧！ 我个人习惯使用比较安全的Google chrome或是Mozilla firefox来代替IE。 Google chrome的下载网页： (缩址：http://tinyurl.com/mq796s) http://www.google.com/chrome/index.html?hl=zh_tw&brand=CHMB&utm_campaign=zh_tw &utm_source=zh_tw-ha-apac-tw-sk&utm_medium=ha Mozilla firefox的下载网页： http://www.getfirefox.net/ France & Germany: replace your IE (Internet Explorer of Microsoft) with other browsers!! Germany's Federal Office for Information Security issued a warning against all versions of Internet Explorer and recommended that users switch to an alternative such as Firefox or Google's Chrome. http://news.bbc.co.uk/2/hi/technology/8465038.stm France joins Germany warning against Internet Explorer By Jonathan Fildes Technology reporter, BBC News France has echoed calls by the German government for web users to find an alternative to Microsoft's Internet Explorer (IE) to protect security. Certa, a government agency that oversees cyber threats, warned against using all versions of the web browser. Germany warned users on Friday after malicious code - implicated in attacks on Google - was published online. But Microsoft told BBC News that IE8 was the "most secure browser on the market" and people should upgrade. Cliff Evans, head of security and privacy, said that so far the firm had only seen malicious code that targeted the older version of its browser, IE6. "The risk is minimal," he said. For a web user to be affected, he said, they would have to be using IE6 and visit a compromised website. "There are very few of them out there," he told BBC News. However, if this did occur, a PC could become infected with a "trojan horse", allowing a hacker to take control of the computer and potentially steal sensitive information. 'Sophisticated attack' Although the vulnerability has so far been exploited only in IE6, security researchers warned that could soon change. "Microsoft themselves admit there is a vulnerability, even in IE8," said Graham Cluley of security firm Sophos. This terrible piece of PR for Microsoft comes just as the IE browser which had almost total control of the market starts to come under pressure... Rory Cellan-Jones, BBC technology correspondent ...... Following the news, Germany's Federal Office for Information Security issued a warning against all versions of Internet Explorer and recommended that users switch to an alternative such as Firefox or Google's Chrome. The French agency Certa issued a similar warning. "Pending a patch from the publisher, Certa recommends using an alternative browser," it said. The UK government had said that it would not issue a similar warning. However, it said the Centre for the Protection of National Infrastructure (CPNI)was "monitoring the situation" and would "publish further advice if the risks change". Patch path But Mr Evans said that calls to change browsers were "not very helpful". "If you look at other browsers, it's likely they will have other vulnerabilities," he said. The vulnerability was found to be used in an attack on Google He pointed to a report by security firm NSS Labs reportedly showing that IE8 provided better security against phishing and malware than other browsers. "We feel strongly that IE8 is most secure browser on the market," Mr Evans said. His advice was echoed by Mr Cluley. "Switching away will get away from this particular problem," he told BBC News. "But all browsers have security flaws." Mr Cluley said that switching away from IE could create other problems, particularly for companies. "Some web-based applications may not work at all if you're not using Internet Explorer." Microsoft is currently working on a patch for the problem, but a spokesperson said it could not commit to a timeframe. The firm traditionally releases a security update once a month - the next scheduled patch will be ready on 9 February. Expert finds vulnerabilities in Microsoft browser IE- remotely access all of the data on a PC!! Expert finds vulnerabilities in Microsoft browser http://news.yahoo.com/s/nm/20100122/tc_nm/us_microsoft_security By Jim Finkle – Fri Jan 22, 4:26 pm ET BOSTON (Reuters) – A security research firm said it discovered another set of vulnerabilities in Internet Explorer, a day after Microsoft Corp patched the Web browser following a high-profile cyber attack on Google in China. The software maker issued a patch on Thursday to fight malicious software that was used in the attack on Google Inc and dozens of other companies which operate in China. Research firm Core Security Technologies said on Friday that it discovered another set of vulnerabilities in Internet Explorer that hackers can link together and exploit, to remotely access all of the data on a personal computer. "There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant with Boston-based Core, who will demonstrate the vulnerability at the Black Hat security conference in Washington, which begins February 2. A spokeswoman for Microsoft said she could not immediately comment on the matter. Alvarez Medina said hackers can exploit a string of four or five minor vulnerabilities in Internet Explorer, which is used on hundreds of millions of PCs around the world. Although none of the vulnerabilities are serious enough to compromise a machine, a hacker could take control of a PC by exploiting all of them at once, he said. The combination would overwhelm the browser, giving a hacker access to all data on the PC after a user clicks on a malicious link, he said. Alvarez Medina added that he was uncertain whether any hackers had already exploited the weaknesses, which Microsoft has yet to patch. He said that Core was working with Microsoft to find a way to mitigate the risk, but added that he believed other vulnerabilities would crop up even after a solution to these. "It is likely that people will come up with new ones over time," he said. (Reporting by Jim Finkle, editing by Leslie Gevirtz) -- ___ 6@_@9 4| |7 2 5 让我先想一想...... --

※ 发信站: 批踢踢实业坊(ptt.cc) ◆ From: 118.168.161.34 ※ 编辑: Geigemachen 来自: 118.168.161.34 (03/04 00:57)