Home opinion-and-analysis ShawThing Business Software Microsoft quickly patches zero-day exploit in Internet Explorer

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Industry:
Job Function:
Australian State:
Country:
Email marketing by Interspire
weebly statistics

Microsoft has quickly released an automatic update patch for a vulnerability discovered about 5 days prior. In a good will gesture, it has rolled it out to Windows XP users despite support for this product ending earlier in April.

iTWire’s David Swan reported on the zero day exploit found last week in Internet Explorer (IE). Microsoft has released a patch for IE – all versions six to eleven - and it is part of the auto-update feature that protects even Windows XP.

What amused me was the blatant Microsoft/Windows/IE bashing some of the commentators had – including David with his reference to having another reason to ‘jump ship – the ageing browser has been hit by a widespread security bug …’

The reality is all zero day exploits have the potential to cause issue with whatever product they are found in. This exploit was solely about using Adobe’s Flash plugin (why didn't Adobe take the heat for this?) and disabling it was the short-term solution until Microsoft could analyse and fix it – that took a few days. Naturally browsers that don’t support the ageing Flash were not affected.

Microsoft responded to the widespread ‘flames’, “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately, this [flaming] is a sign of the times and this is not to say we do not take these reports seriously. We absolutely do.” said Microsoft’s Adrienne Hall, General Manager, Trustworthy Computing.

The reality is that, like other competing browser products, the hacker community continually 'tests' – to use a polite word – browsers, as they have become one of the main interfaces between the Internet and users. That is a good thing.

Mozilla released Firefox version 29 last week to cure five critical and an undisclosed number of highly rated security vulnerabilities. Threat Post has details but let me add that on the Mozilla Firefox Bug forum there are 27317 topics contained in 911 pages. It is by no means, any more secure than IE.

Google’s own Chrome Browser has had serious bugs but like any responsible software developer, these are fixed as they are found. Ditto.

Safari has had its problems too but you seldom hear about them – Apple does not comment on …

Many people are passionate supporters of their favourite OS - Linux, OS X, Chrome OS, and Windows – Apple Aficionados, AnDruids, and WinDohs, etc. Freedom of speech is to be encouraged but bloody rubbish is not acceptable.

 

 

 

FACT: Internet Explorer is used on 58.21% of the PC market. It is the biggest target – a classic tall poppy! It has a comprehensive development program with far more resources available to it than the rest combined.

FACT: Windows is in daily use on 90.94% of PCs - more than 1 billion units. It the biggest target here too. It has a comprehensive development program now enhanced by the new Windows 8.x model where continuous improvement is rolled out – usually at no cost to the user - instead of the scramble to release totally new versions every few years.

The PC market is not the mobile market where browsers are supplied with the smartphone. Apple has its mobile Safari, Google has its Android and Chrome browsers, and Window Phone has IE. These all have security issues as well – far more minutiae than this publication can afford the time to cover.

Fanboy trolls - hope you have a field day!

PROTECT YOURSELF AGAINST BANDWIDTH BANDITS!

Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!

CLICK TO DOWNLOAD!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect