In a surprise move Microsoft wants users to limit its browsers functionality for better security. Already Microsoft says if you"re running SP2 you"re in the clear, but for those who don"t want to test SP2 right now there is another option (not quite as good). Such as disabling JavaScript and to adjust your security settings.
Microsoft is doing something unprecedented: It wants you to break one of Internet Explorer"s key features. Why? Because only by limiting the browser"s functionality can you be sure of stopping a sneaky--and dangerous--new breed of Internet virus. This latest targeted attack scenario, which uses malicious code dubbed "Scob" or "downlad.ject," exploits three flaws: two in Windows and one in Internet Explorer. One of the holes involves JavaScript; targeting this flaw, the Scob code lets a hacker attach a program written in JavaScript to Web pages. If you visit an infected Web site, the program automatically executes in IE, and voila! you"re infected.
Taking advantage of these multiple flaws, a group of Russian crackers recently mounted attacks on several hundred Web sites--aimed at putting lots of visitors at risk. Included on their hit list were some very reputable sites. Some Scob virus strains installed keystroke-logging software on users" PCs--apparently to steal financial data (head to "Known Trojan Still Plagues Web Servers" for more details).