- About Future
- Digital Future
- Cookies Policy
- Terms & Conditions
- Investor Relations
- Contact Future
Once again, Internet Explorer (aka "Internet Exploder") has been attacked through a "zero-day" remote code execution vulnerability. That might not seem like MaximumPC.com-worthy news, except for two factors: the flaw is affecting thousands of websites, and this time, it isn't just Firefox fans who are saying "time to switch browsers, already!" - security experts at Trend Micro, the Spamhaus Project, and the UK's PC Pro magazine are all recommending making a switch, according to the BBC. And here's why:
The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.
Attacks against IE7 have been verified, but all versions of IE (including IE 8 Beta 2) have the same underlying vulnerability; a vulnerability not present in IE's competitors (Firefox, Opera, Chrome, and Safari). Switching browsers makes sense for most web surfing, but, alas, some websites and (of course) Windows Update and Microsoft Update for Windows XP won't work with anything but IE.
Since the vulnerability was detected on December 10th, Microsoft code jockeys have been working hard to patch the flaw (Redmond doesn't want you to switch, naturally, and given the way that IE and Windows work together, a broken IE isn't good for anybody), and a patch will be available tomorrow (December 17th) for all versions of IE from 5.01 up, applying to all versions of Windows and Windows Server from Windows 2000 on up. It's rare for Microsoft to perform a security update between Patch Tuesdays, but when a "Critical" vulnerability (the most dangerous category of vulnerability) is discovered, there's no time to waste.
(Updated 12-16-08 with a hat tip to Number Six) If you must use IE in the meantime, Microsoft recommends the following workarounds in its security bulletin (follow link for details):
Note that these workarounds have various effects on your ability to browse certain websites, and some are designed for certain Windows/IE combinations only.
you can use the following workarounds to protect yourself ( see the BBC dot.life blog for more information):
What are the long-term implications of this latest security flaw? A BBC technology blogger suggests "[t]his could be the moment when the minnows in the browser wars finally score a significant victory." What do you think? Hit Comment and tell us.