IE Disk Formatting Exploit Causes Furor

By Thomas McGuire on
The publication of rogue code which can format users' hard disks if they so much as visit a Web page with Internet Explorer (or read an e-mail message with Outlook or Outlook Express) has revived a furious debate among security experts regarding the ethics of disclosing exploit code.

For this reason, many computer security professionals have argued that it is unethical to publish code that makes it easy to exploit a security hole -- especially before the vendor of the buggy software has had a bit of warning and a chance to patch the code. Others, however, argue that vendors do not admit security problems, or patch them in a timely way, unless there is full disclosure. (The Bugtraq list, which embraces the latter point of view, publishes exploits as soon as they are available.) Wired News covers the ethics debate in this article. But in the meantime, now that the cat's out of the bag, it's best to use an alternative browser (e.g. Opera or Mozilla) or disable scripting in IE.
