If you remember the month of browser bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out of cycle Microsoft patch for MSIE.
So: No, surfing with MSIE is still not safe.
References
Defenses
- Use an alternate browser (yeah, we sound like a broken record). But diversity really helps make the bad guys' job harder.
- Disable ActiveX (take care: windowsupdate needs it, so you need to trust those sites)
- Set the killbit:
{844F4806-E8A8-11d2-9652-00C04FC30871}
[unconfirmed at this point it's the right killbit, so proceed with caution]
- Keep antivirus signatures up to date.
- Keep an eye out for a patch from Microsoft.
- ...
--
Swa Frantzen --
Section 66