Yesterday, Stan Schroeder at Mashable wrote a great blog about the French and German governments strongly urging users to stop using Internet Explorer and to use other browsers like Safari and Firefox. The recommendation was made because of a similar vulnerability in Internet Explorer 6, 7, and 8 that allows malicious hackers to remotely execute arbitrary code.

I do not want to cause an international incident (especially with countries that I love to ski in), but I think the recommendation is shortsighted and purely based on the status quo mentality of reactive responses to the du jour threats. Today, the recommendation is to stop using IE. When a vulnerability is discovered in Safari, Firefox or Opera tomorrow, the recommendation will be to stop using those browers.

The recommendations will be the same for every application: word processing, spreadsheets, project management, games, etc.

Folks, we need to shift our thinking. At the risk of being repetitive and to paraphrase my earlier assertion: we should not be worrying about which browers our people are using, and instead we should focus on stopping the real threat: the payload. The best way to do that is application whitelisting. With solutions like BOUNCER, malware (including those that are deposited via vulnerabilities in browsers like IE) will not be on the approved list of applications and will therefore be stopped cold.