http://www.zdnet.com.au/newstech/sec...0279477,00.htm

Ken Dunham, the 'director of malicious code' at U.S. based 'security
intelligence' company iDefense: "Recent exploits of Microsoft software
has made it unsafe to surf the Web... it will be very difficult for some
users to even know their computer is infected with a virus or otherwise
compromised," he said.

The self styled 'chief hacking officer' of U.S.-based eEye Digital
Security:
"It has been a long running theme that at almost any given point there
is a remotely exploitable bug in Internet Explorer," he told ZDNet
Australia . "It's one of the biggest security risks for most 'Microsoft
based' corporations. Microsoft is not fixing these publicly disclosed
bugs in any sort of timely manner or more so they seem to just not be
fixing them at
all."

Microsoft's global head of product security, George Stathakopoulos:
"the 25 day delay between the disclosure of a so called "object type"
vulnerability and the release of a fix was the result of a strict
quality control process imposed on patches."

However this puts Stathakopoulos slightly at odds with the way the facts
play out as presented in the MS03-032 bulletin itself, which indicates
that MS03-032 was simply a dud patch.

Stathakopoulos would not comment on allegations made by security
research company Pivx Solutions that there are over 30 un-patched
vulnerabilities in Internet Explorer, but did say Microsoft is
"investigating" the claim.

However, Maiffret says dramatic changes are required.
"Internet Explorer was a poorly thoughtout product. In
their effort to become the number one browser, by
cramming every feature possible, they have in essence
forgotten about security and made a system so flexible
that its even flexible to hackers," he said.

*******read the whole article here:
http://www.zdnet.com.au/newstech/sec...0279477,00.htm

AND THEN *heed* THE MESSAGE!!!!!!!!!!!!!!



--
Valentín Guillén
Earth - a subsidiary of Microsoft®