dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
912
share rss forum feed


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

3 recommendations

When Disabling IE6 (or Java, or whatever) is not an Option..

quote:
We're getting a whole lot of bad advice regarding the latest crop of vulnerabilities. Folks are saying things like "disable Java", or "Migrate away from IE6/7/8", or even "Migrate to IE10 or Firefox".

While these will certainly mitigate the current vulnerability, it's often not a practical way to go. If you pick the right week, almost anything could be your target "disable that" component - everyone has a zero day at one time or another. Specific to this week's issues, there are lots of business applications that are tied to older browsers - I've got a number of clients who have business critical applications that are tied to a specific version of IE (often IE6), or to a specific, old version of Java. Or if you still have a few thousand XP workstations, you're going to top out at IE8.

»isc.sans.edu/diary/When+Disablin···n+/14947
--
Don't feed trolls--it only makes them grow!


goalieskates
Premium
join:2004-09-12
land of big

1 recommendation

Amen.