Will Microsoft ever bother to squash this security bug?
There's a zero-day security flaw in Internet Explorer that's been known for at least the last 7 months, yet Microsoft has yet to release a patch. Perhaps it never will -- after all, IE8 is the last version of Microsoft's browser to support Windows XP, which itself is now an unsupported operating system. Alternately, Microsoft might just be having a really tough time with this one -- the Redmond outfit doesn't have a whole lot to say on the matter.
Apple earlier today updated its Safari browser to version 5.0.4, plugging up 62 security holes in the process. Even so, it took French security firm Vupen just 5 seconds to exploit the browser and take home a $15,000 bounty from TippingPoint for doing so. This marks the first time in four years that Charlie Miller, an analyst with Security Evaluators, wasn't first to crack the Safari browser in the annual Pwn2Own contest. And what of Microsoft's IE8 browser? It didn't fare much better.
Microsoft is having a Windows conference in May, but don’t get your hopes up, no Windows 8 news is expected. The so-called Windows Summit is designed to help software and hardware makers to develop products and services that work well with the current versions of Windows and Internet Explorer. The Three day event is currently scheduled for May 25-27.
According to a Microsoft statement to Cnet, they are looking to attract developers “who are looking to engage with Microsoft on an intimate level or who haven't engaged with Microsoft in the past 18 months.” Sounds awkward. A (hopefully not as awkward) keynote will be given by Microsoft General Manager Mike Angiulo. Registration for the event will cost $399.
The conference will probably not contain any big news, to our dismay. Attendees are not even required to sign non-disclosure agreements. It seems like Microsoft is looking to reach out to new developers, and encourage them to work on Windows 7 and IE8. We have an idea how Microsoft could get said developers fired up. It involves a certain sweaty CEO pumping his fists and chanting “developers”. Who wouldn’t love that?
A handful of hackers will leave CanSecWest's security show a little richer than when they arrived after participating in the annual Pwn2Own contest. Charlie Miller, for example, won $10,000 for hacking Safari on a MacBook Pro without having physical access to the rig. You may recall that Miller, a principal security analyst at Independent Security Evaluators, walked away with $5,000 last year for exploiting a hole in Safari, and $10,000 for hacking a MacBook Air in 2008.
Safari wasn't the only software to fall. Peter Vreugdenhil won $10,000 for hacking Microsoft's Internet Explorer 8 browser, while Nils, head of research at UK-based MWR InfoSecurity, collected the same amount for exploiting Firefox on Windows 7-64 bit (Nils declined to provide his last name).
Both Ralf Philip Weinmann and Vincenzo Iozzo will share a $15,000 prize for hacking Apple's iPhone. They did so with an exploit written two weeks ago designed to steal the contents of the SMS database.
"The payload executes and uploads the local SMS database of the phone to the server we control," Weinmann said.
For the first time ever, Microsoft's Internet Explorer 8 claims more users than any other browser on the planet, including the dated (but still popular) IE6.
According to browser market research firm Net Applications, IE8 managed to wrangle its way onto 20.86 percent of all desktops and devices using a web browser, while IE6 claimed 20.99 percent. However, since 2.8 percent are using IE8 in compatibility mode, that propels Microsoft's latest version to the top of the charts.
Main rival Firefox 3.5 followed close behind at 16.32 percent, less than a percentage point above IE7 at 15.5 percent. Looking at the overall picture, however, Firefox still has considerable ground to make up, claiming 24.61 percent of the market compared to Internet Explorer's 62.69 percent. Chrome, meanwhile, sits at 4.63 percent, which was enough to push Apple's Safari browser to fourth place with 4.46 percent.
According to a screenshot taken by an IE6 user who was watching some videos on YouTube, it would appear that support for the browser will be phased out very soon.
The screenshot suggests that an upgrade to a “more modern” browser, including Google Chrome, Internet Explorer 8 and Firefox 3.5. And, they’re not alone – apparently Digg is looking to cut their support for IE6 as well.
There’s been no official word yet from YouTube, so this information is only as good as its sources (truthfully, folks on Twitter). But, it doesn’t seem illogical, so if it turns out to be true, there’ll be little surprise.
Mozilla just launched a new project, named Electrolysis, which is meant to bring multiprocess browsing to Firefox. And, according to Mozilla, this project has allowed them to improve Firefox’s performance, security and stability. Developers of the project have already put together a prototype that’s able to render a page in a separate process from the interface shell that it’s displayed in.
Apparently the idea of implementing multiprocessing into the browser didn’t gain much traction until its use by Google and Microsoft in Chrome and IE8. Chrome’s multiprocess architecture allows it to fill in security holes, and it prevents page specific glitches from crashing the entire browser – something that Mozilla hopes to do as well.
There’s no word yet if the multiprocess browsing will be ready in time for the next release of Firefox, but the work will be done separately so as not to impede the current stages of development.
Far be it for Microsoft to shy away from hiring known celebrities to pitch its products, as was the case with hiring Jerry Seinfeld as its OS pitchman. But now the software maker is looking to push Internet Explorer 8 in the cutthroat browser wars, and it's getting a bit of help from TV Superman Dean Cain. Oh, and there's puking too.
So far there are a total of four adverts, each one starring Dean Cain as the on-screen narrator. But it's the fourth video in the series that will get all the attention for its vivid portrayal of a woman puking after viewing something apparently offensive online - or maybe she's a Houston Rockets fan and just read up on Yao Ming's foot.
Call it a gimmick, call it what you want, but it looks like Microsoft is doing some good by helping out those in need via their Internet Explorer 8 advertising.
Along side their Dean Cain commercials that went live earlier this month, they’ll be donating the equivalent of eight meals to the Feeding America Network for each completed download of Internet Explorer 8.
Make sure that you download soon though; this promotion will only run from June 10th to August 8th. So, if you’re not downloading IE8 for yourself, download it for those in need! You’ll feel better tonight knowing you did.
When it comes to handing out fines, the European Commission doesn't mess around. Just last month the EC ____ slapped Intel with a record setting $1.45 billion after finding the chip maker guilty of anticompetitive practices, while in 2004, the EC slammed Microsoft with what today would amount to about a $790 million fine.
The aforementioned incidents no doubt weighing on Microsoft's mind, the software maker will release a version of Windows 7 in Europe with Internet Explorer 8 stripped out.
"To ensure that Microsoft is in compliance with European law, Microsoft will be releasing a separate version of Windows 7 for distribution in Europe that will not include Windows Internet Explorer," Microsoft said in a memo. "Microsoft will offer IE8 separately and free of charge and will make it easy an convenient for PC manufacturers to preinstall IE8 on Windows 7 machines in Europe if they so choose."
Probably a good move, as European regulators earlier this year warned that bundling a browser in Windows would likely violate European antitrust law.