IE settings on High; MS Server Compromise?

[Rasker]

Microsoft is advising users of Internet Explorer to set their security settings for the Internet Zone (default for most websites)  to High, and move any desired and known site where this creates problems into the Trusted Zone.

Allegedly hackers are attempted and may have succeeded in compromising the MS prog used to run many business consumer interface websites, specifically those that haven't applied a certain patch.

More here: http://www.microsoft.com/security/incident/download_ject.mspx

[Rasker]

more details on ZDnet sounds worse now:

http://zdnet.com.com/2100-1105_2-5247187.html?tag=zdfd.newsfeed

[Stegahorse]

This does not Affect WinXP users who stay updated. Guess it blows away the idea that Win98 or later Dos versions are worth keeping.

[Rasker]

Theres danger even to fully updated XP users if they come into an infected website with IE with security settings below "high" according to the Zdnet article., and also this one:  

http://cnn.netscape.cnn.com/news/story.jsp?flok=FF-APO-1333&idq=/ff/story/0001%2F20040625%2F1310284967.htm&sc=1333&related=off&photoid=20040622TXDP101&floc=NW_1-T

Stephen Toulouse, a security program manager at Microsoft, recommended that computer owners obtain the latest security updates for Microsoft products and their anti-virus and firewall programs.

Because one flaw has yet to be fixed, he said, users should also turn up security settings on Microsoft's Internet Explorer browsers to the highest levels.

Security experts noted that users can avoid the exploit by using alternative browsers such as Mozilla and Opera. Users could also turn off the ``Javascript'' feature on their Microsoft browsers, though doing so cripple functions on some sites.

The infection does not affect Macintosh versions of Internet Explorer.

[Rasker]

btw Opera is a nice browser, runs tabbed windows (more room on taskbar), runs sweet and fast, free download, type "opera browser free download" in task bar to get it.