[LINK] Aus Govt issues IE security warning
Stilgherrian
stil at stilgherrian.com
Tue Jan 19 20:23:59 AEDT 2010
On 19/01/2010, at 7:57 PM, stephen at melbpc.org.au wrote:
> Govt issues IE security warning
>
> Emily Bourke ABC News www.abc.net.au/news/stories/2010/01/19/2795684.htm
Well, yes and no.
It depends what you count as a "government warning".
Yes, there is a reference to the AusCERT advisory about the vulnerability that was used to attack Google and 33 other corporations at the government's Stay Safe Online (SSO) website.
http://www.auscert.org.au/render.html?it=12238
http://www.ssoalertservice.net.au/view/3bd184c173a3c4e4520bfbe521321216
This in turn is based on Microsoft's advisory.
http://www.microsoft.com/technet/security/advisory/979352.mspx
But SSO publish ALL of AusCERT's advisories, dozens a year, and the text about using alternate browsers if you don't apply Microsoft's patch is boilerplate. They also publish the advisories about OS X and Adobe Reader and whatever else gets pumped out.
So, you could say that the government issues dozens of these warnings a year.
Or, you could say that the ABC is jumping at shadows, making a big deal out of what is a relatively routine security advisory.
As security consultant Crispin Harris said in my Crikey piece on this, "AusCERT and the other national cyber safety bodies provide advisories and alerts like this on almost a daily basis. This one is of course highly visible because of the companies involved. It is unusual for advisories to be picked up by the media but not uncommon."
http://www.crikey.com.au/2010/01/19/dump-internet-explorer-stay-alert-but-not-alarmed/
Stil
--
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 8569 2006
Twitter: stilgherrian
Skype: stilgherrian
ABN 25 231 641 421
More information about the Link
mailing list