Microsoft: Cripple IE to Protect Your PC
The company says that you should disable one of the browser's features.
Stuart J. Johnston
From the September 2004 issue of PC World magazine
Posted Tuesday, July 27, 2004
Microsoft is doing something unprecedented: It wants you
to break one of Internet Explorer's key features. Why?
Because only by limiting the browser's functionality can
you be sure of stopping a sneaky--and dangerous--new
breed of Internet virus. This latest targeted attack
scenario, which uses malicious code dubbed "Scob" or
"downlad.ject," exploits three flaws: two in Windows and
one in Internet Explorer. One of the holes involves
JavaScript; targeting this flaw, the Scob code lets a
hacker attach a program written in JavaScript to Web
pages. If you visit an infected Web site, the program
automatically executes in IE, and voila! you're
infected.
Microsoft also wants you to take the extreme step of
disabling JavaScript. Many sites use JavaScript--to
display video, say--and without this programming
language, some sites, including Microsoft's own Windows
Update site, won't even function properly.
If you want to go this far--and I recommend that you
do--you need to adjust your IE settings. ...
If all this sounds like too much hassle, you might want
to consider switching to a browser like Mozilla or
Opera. You can have JavaScript turned on in these
browsers, yet remain safe from IE-like attacks. At
least, for now.

Full Article
Posted From: Mcafee Support Thread