Home opinion-and-analysis ShawThing Business Software Microsoft quickly patches zero-day exploit in Internet Explorer

Microsoft has quickly released an automatic update patch for a vulnerability discovered about 5 days prior. In a good will gesture, it has rolled it out to Windows XP users despite support for this product ending earlier in April.

iTWire’s David Swan reported on the zero day exploit found last week in Internet Explorer (IE). Microsoft has released a patch for IE – all versions six to eleven - and it is part of the auto-update feature that protects even Windows XP.

What amused me was the blatant Microsoft/Windows/IE bashing some of the commentators had – including David with his reference to having another reason to ‘jump ship – the ageing browser has been hit by a widespread security bug …’

The reality is all zero day exploits have the potential to cause issue with whatever product they are found in. This exploit was solely about using Adobe’s Flash plugin (why didn't Adobe take the heat for this?) and disabling it was the short-term solution until Microsoft could analyse and fix it – that took a few days. Naturally browsers that don’t support the ageing Flash were not affected.

Microsoft responded to the widespread ‘flames’, “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately, this [flaming] is a sign of the times and this is not to say we do not take these reports seriously. We absolutely do.” said Microsoft’s Adrienne Hall, General Manager, Trustworthy Computing.

The reality is that, like other competing browser products, the hacker community continually 'tests' – to use a polite word – browsers, as they have become one of the main interfaces between the Internet and users. That is a good thing.

Mozilla released Firefox version 29 last week to cure five critical and an undisclosed number of highly rated security vulnerabilities. Threat Post has details but let me add that on the Mozilla Firefox Bug forum there are 27317 topics contained in 911 pages. It is by no means, any more secure than IE.

Google’s own Chrome Browser has had serious bugs but like any responsible software developer, these are fixed as they are found. Ditto.

Safari has had its problems too but you seldom hear about them – Apple does not comment on …

Many people are passionate supporters of their favourite OS - Linux, OS X, Chrome OS, and Windows – Apple Aficionados, AnDruids, and WinDohs, etc. Freedom of speech is to be encouraged but bloody rubbish is not acceptable.

 

 

 

FACT: Internet Explorer is used on 58.21% of the PC market. It is the biggest target – a classic tall poppy! It has a comprehensive development program with far more resources available to it than the rest combined.

FACT: Windows is in daily use on 90.94% of PCs - more than 1 billion units. It the biggest target here too. It has a comprehensive development program now enhanced by the new Windows 8.x model where continuous improvement is rolled out – usually at no cost to the user - instead of the scramble to release totally new versions every few years.

The PC market is not the mobile market where browsers are supplied with the smartphone. Apple has its mobile Safari, Google has its Android and Chrome browsers, and Window Phone has IE. These all have security issues as well – far more minutiae than this publication can afford the time to cover.

Fanboy trolls - hope you have a field day!

FREE WHITEPAPER - REMOTE SUPPORT TRENDS FOR 2015

Does your remote support strategy keep you and your CEO awake at night?

Today’s remote support solutions offer much more than just remote control for PCs. Their functional footprint is expanding to include support for more devices and richer analytics for trend analysis and supervisor dashboards.

It is imperative that service executives acquaint themselves with the new features and capabilities being introduced by leading remote support platforms and find ways to leverage the capabilities beyond technical support.

Field services, education services, professional services, and managed services are all increasing adoption of these tools to boost productivity and avoid on-site visits.

Which product is easiest to deploy, has the best maintenance mode capabilities, the best mobile access and custom reporting, dynamic thresholds setting, and enhanced discovery capabilities?

To find out all you need to know about using remote support to improve your bottom line, download this FREE Whitepaper.

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect