Date: Tue, 03 Jan 2006 12:36:15 -0500
To: WSFA members <WSFAlist at KeithLynch.net>, <WSFAlist at KeithLynch.net>
From: "Mike B." <omni at omniphile.com>
Subject: [WSFA] Re: Crash, thud
Reply-To: WSFA members <WSFAlist at KeithLynch.net>

At 1/3/2006 12:11 PM, Michael Walsh wrote:

> >Or at the very least disable all the "'screw me' features" of the one
> >you are using...such as ActiveX, just to name one.
>
>I gathered this happened when using Firefox (yeah, I know it's a
>browser not an OS...)

ActiveX isn't the only vulnerable route into a Windows system...it's just a
really obvious one (ActiveX basically downloads and runs programs, and has
essentially NO protection for the user...whatever the ActiveX component
author chose to do gets done...using ActiveX on the public internet is
*insane*.  It *might* be excusable on an isolated intranet, but there are
generally safer ways to accomplish the same goals even there.

At least Firefox has AdBlock, so you can avoid the 3rd party ad route for
the WMF exploit.

-- Mike B.