COLORADO SPRINGS, Colo. The Department of Homeland Security's U.S. Computer Emergency Readiness Team touched off a storm this week when it recommended for security reasons using browsers other than Microsoft Corp.'s Internet Explorer.
CERT said vulnerabilities in IIS and IE could include MIME- type determination, the DHTML object model, the IE domain/zone security model and ActiveX scripts. Alternative browsers such as Mozilla or Netscape may not protect users, the agency warned, if those browsers invoke ActiveX control or HTML rendering engines.
The only defense may be completely disabling scripting and ActiveX controls.
Microsoft said earlier in the week it is working with law enforcement officials to identify the source of the latest Internet virus.