AppSecLive.org

There has been quite a bit of discussion around some recent security issues. The first of which is a zero day MS exploit in IE. Details here:
 
http://isc.sans.org/diary.html?storyid=6733
 
This is really a “zero day-play” (patent pending), on an old school method of distributing malware. Basically, you visit a known site, get a frame or javascript injected from a compromised database, and your browser is sent off quietly to a few other sites ultimately being compromised by this exploit.
 
 
Another new one coming up is the SSH vulnerability, which by the way, only affect older versions of OpenSSH, and is actively being exploited in the wild.
 
So these are two previously unknown exploits, attacking both Linux and Windows, on two very different levels. So what is so very similar between them?
 
Simple!! Neither of them would be a danger to you if you follow the SIMPLE rules of common sense security. Two of which apply here:
 

-Disable what you don't use. (The MS zero day exploit is in a DLL that isn't even used by IE!)
-Keep your systems up to date with the latest security patches (old version of openSSH is at risk here)

 
In my opinion, there is actually another little known set of two rules about using the internet:
 
-Use Linux! Although some browser exploits do actually hit FireFox, the actual payload dropped by them are almost always for Windows
-Use FireFox without JavaScript! Nearly every drive by browser bomb uses JS. Now thats a fact that sure makes me ponder just how bad I want to see those dancing banner ads.
 
Hope you find this completely redundant and stupid, because if you are surprised by this, I'm really, really sorry.