bad,day,for,browsers,severe,fl technology A bad day for browsers, severe flaws... again

The electronic cigarette is not new. People who buy electronic cigarette knows that this product has been in the market for years now. Despite some sectors apparently trying to shoot the product down from the shelves, the popularity of elect Active shredder safety technology for the small office. Shreds 15sheets per pass into 5/32" x 1-1/2" cross-cut particles (Security Level3). Patented SafeSense® Technology stops shredding when hands touch thepaper opening. Designated shredde

Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable{mso-style-name:"Table Normal";mso-tstyle-rowband-size:0;mso-tstyle-colband-size:0;mso-style-noshow:yes;mso-style-priority:99;mso-style-qformat:yes;mso-style-parent:"";mso-padding-alt:0in 5.4pt 0in 5.4pt;mso-para-margin-top:0in;mso-para-margin-right:0in;mso-para-margin-bottom:10.0pt;mso-para-margin-left:0in;line-height:115%;mso-pagination:widow-orphan;font-size:11.0pt;font-family:"Calibri","sans-serif";mso-ascii-font-family:Calibri;mso-ascii-theme-font:minor-latin;mso-hansi-font-family:Calibri;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";mso-bidi-theme-font:minor-bidi;}Microsoft recently posted an advisory on the recently discovered zero day flaw in Internet Explorer 6 and 7. It would appear that the workarounds are to use IE8, enable"Protected Mode" in IE7 on Vista, ensure Data Execution Prevention(DEP) is enabled for Internet Explorer, or disable all Active Scripting andActiveX controls. At this time Microsoft says that no exploit has been foundin the wild, and they have not determined whether the fix will be part of apatch Tuesday roll-up, or released out of cycle.Opera has also released a patch this week to a"Extremely Severe" vulnerability in their JavaScript engine. The heap overflow could lead to execution of codeand users should upgrade to version 10.10 immediately.This might seem like a good week to be a Chrome, Firefox or Safari user yet they have all had majorvulnerabilities patched in recent weeks as well. We need to be consistentlyvigilant in defending the most exposed software on our computer... the browser.The safest thing you can do onlineis to reduce your attack surface. What I mean by that is to run a bare minimumset of applications with a minimum set of plugins or extensions. Keeping yourapplications patched is a daunting task, your only hope is to minimize yourexposure and patch as quickly as you can when fixes are made available byvendors.It may be necessary or desirable tohave multiple browsers, or to choose a browser based upon how large a target itis. The important point here is that you should control and have awareness asto which applications are deployed in your network, and have a strategy todeploy patches. Managing what applications you allowand having a plan to keep them up to date is the most important step you cantake to securing your desktops against the web threat. You have multiplechances to block the malware before it attacks your system and you should useas many levels of defense as you are able. Sophos customers can take advantageof several solutions to build a proper web defense:Sophos Web Appliance - Filters all incoming traffic through both our anti-virus engine and URL inspection technology. Our most recent release has enhanced protection against malicious JavaScript as well.Sophos NAC Advanced - Ensure that all of your desktops and laptops are patched before allowing access to critical parts of your network.Sophos Client Firewall - Help prevent application hijacking, and control which applications you allow to communicate on your network.Sophos Browser Helper Object - Internet Explorer users get additional protection from our BHO. The BHO looks for malicious client side code to prevent IE from executing potential exploits.Sophos Anti-Virus - Our Buffer Overflow Protection Service (BOPS) and Host Intrusion Prevention System (HIPS) technologies help prevent exploits from successfully dropping malicious code onto your computers. Application control can also be used to restrict which programs can execute, thereby helping you reduce the attack surface.       Normal 0 false false false EN-US X-NONE X-NONE /* Style Definitions */ table.MsoNormalTable{mso-style-name:"Table Normal";mso-tstyle-rowband-size:0;mso-tstyle-colband-size:0;mso-style-noshow:yes;mso-style-priority:99;mso-style-qformat:yes;mso-style-parent:"";mso-padding-alt:0in 5.4pt 0in 5.4pt;mso-para-margin-top:0in;mso-para-margin-right:0in;mso-para-margin-bottom:10.0pt;mso-para-margin-left:0in;line-height:115%;mso-pagination:widow-orphan;font-size:11.0pt;font-family:"Calibri","sans-serif";mso-ascii-font-family:Calibri;mso-ascii-theme-font:minor-latin;mso-hansi-font-family:Calibri;mso-hansi-theme-font:minor-latin;mso-bidi-font-family:"Times New Roman";mso-bidi-theme-font:minor-bidi;}Thisarticle was written by Chester Wisniewski of Sophos and is published here with their fullpermission. Sophos provides full data protection services including: security software, encryptionsoftware, antivirus, and malware protection.