Re: New IE flaw and exploit sites/migration to non-MS browser

I completely agree with Thor.

Deployement is a non-issue, any software can be deployed via GP. 

The problems lies with managment. Firefox overrides GP, making it very hard to 
manage in a MS environment.

Mohammad Wajahat Usmani
Software Engineer
Emitac Mobile Solutions
Dubai, U.A.E.
Sent via BlackBerry.

-----Original Message-----
From: "Thor (Hammer of God)" <thor@hammerofgod.com>
Date: Tue, 04 Apr 2006 01:49:18 
To:Focus-MS <focus-ms@securityfocus.com>
Cc:"'Murad Talukdar'" <talukdar_m@subway.com>,       "'Shaffer, Bruce'" 
<security@stsgi.com>, <blippert@itd.com.na>
Subject: Re: New IE flaw and exploit sites/migration to non-MS browser

I got a couple of emails regarding this... I was referring to the granular
control over each individual configuration setting one may set for IE via
Group Policy, not just "deploying" the install.

t


On 4/3/06 6:26 AM, "Bernd Lippert" <blippert@itd.com.na> spoketh to all:

> There is actually a method of deploying and managing Firefox with AD and GP.
> Have a look at this http://www.frontmotion.com/Firefox/
>
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
> Sent: Sunday, April 02, 2006 9:22 PM
> To: Shaffer, Bruce; Murad Talukdar; focus-ms@securityfocus.com
> Subject: Re: New IE flaw and exploit sites/migration to non-MS browser
>
> The main business reason to stick with IE is the ability to completely
> configure all aspects of its operation via Group Policy.  No can't get that
> with the other browsers.
>
> t
>
>
> On 3/31/06 10:17 AM, "Shaffer, Bruce" <security@stsgi.com> spoketh to all:
>
> > I have often wondered about where these sites are myself.
> >
> > As to the security debate of Mozilla vs. IE, at this point in time I
> > believe that using Mozilla over IE for security purposes is simply an
> > exercise in security through obscurity which, as we all know, is only
> > secure while it is obscure.  Now that obscurity is gone, we are seeing
> > more and more hits on Mozilla.  I haven't seen any business advantages
> > to using either one over the other, any way it goes you still have
> > users.
> >
> > Bruce Shaffer
> > CISSP
> > Information Security Engineer, STG.
> > -B-
> >
> > -----Original Message-----
> > From: Murad Talukdar [mailto:talukdar_m@subway.com]
> > Sent: Thursday, March 30, 2006 8:40 PM
> > To: focus-ms@securityfocus.com
> > Subject: New IE flaw and exploit sites/migration to non-MS browser
> >
> > Does anyone know if there is a public list available that has details of
> > sites which seek to exploit vulnerabilities in IE 6 etc? I read articles
> > where people say things like, "experts say that there are almost two
> > hundred
> > websites which are exploiting the newly disclosed flaw...blah blah
> > (FUD?)..,"
> >
> > Where do these people get these numbers from and where do they get the
> > info
> > on the malicious sites from too?
> >
> > On a related note--how many people have initiated a move away from IE to
> > Firefox/Opera etc in a corporate environment, due to the perception(is
> > it
> > JUST a perception or reality based?) that IE is less secure/more prone
> > to
> > exploits?
> >
> > Kind Regards
> > Murad Talukdar
> >
> >
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> > ---
> > ------------------------------------------------------------------------
> > ---
> >
> >
> > ---------------------------------------------------------------------------
> > ---------------------------------------------------------------------------
>
>
>
> ---------------------------------------------------------------------------
> ---------------------------------------------------------------------------



---------------------------------------------------------------------------
---------------------------------------------------------------------------