Re: MS web designers -- "What Security Initiative?"
In-Reply-To: <40CB8263.18297.7605685C@localhost>
I have to applaud your specific examples of where Microsoft's aims have been
redirected (pun intended) and have become woefully presumptuous. Having worked
in web hosting and website development in past lives I would agree that
correcting the weblinks would be a truer solution than just performing all of
the sneaky redirects that require scripting to be enabled.
Here's my question. Everyone please feel free to point out its validity as
necessary. Why not add www.microsoft.com to your Trusted Sites list and allow
this Internet Zone to have Active Scripting function as prompted? Are there
cross-site exploits present that even make this a poor solution? This is the
interim solution I have in place at my business locations. We have to use
Internet Explorer for work-related application requirements. Otherwise I
wouldn't switched to something like Mozilla.
In lieu of Microsoft patching the latest round of Secunia announced security
holes I am disabling Active Scripting for all Internet Zones but the Trusted
Sites Zone. If this isn't the best alternative what is if we *have* to use
MSIE?
Anyone??