Things are heating up for what some are calling an Extremely Dangerous Internet Explorer Security Hole. Microsoft’s Security Advisory 961051 is for all versions of Internet Explorer. Patch now!
What systems are primarily at risk from the vulnerability?
This vulnerability requires that a user is logged on and reading e-mail messages or is visiting Web sites for any malicious action to occur. Therefore, any systems where e-mail messages are read or where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability. However, best practices for servers discourage users from browsing and reading e-mail on servers, to reduce the level of vulnerability.
You also could stop reading email or visiting web sites with IE. Your choice.
I like the part about “discourage users”. That totally obscures the fact that any administrator worth his/her salt would never need to be discouraged from browsing with IE on a server. Here’s an idea, Microsoft. Stop installing IE on servers. Oh, it breaks the OS “design”? Well, then, perhaps it is time for something a little more useful in server security rather than “discourage users” advice?