Network News

X My Profile
View More Activity

Microsoft fixing Internet Explorer vulnerabilities. Again.

Later today, Microsoft will release a round of security patches for its Internet Explorer browser. In itself, that's not unusual -- all browsers need these updates from time to time, thanks to the cockroach-like tenacity of malware authors.

But Microsoft's upcoming patch -- called an "out-of-band" release for its arrival outside of the company's usual monthly cycle of patches -- addresses Windows vulnerabilities so severe that they were apparently exploited in the coordinated Chinese attacks Google denounced in last week's "New Approach to China" blog post.

A blog post at Microsoft's TechNet site emphasizes that only IE 6 can get taken out by the current "Aurora" exploit and recommends upgrading to a newer version of IE, preferably the current IE 8.

I can't argue with that specific advice: As I've written multiple times, IE 6 is a hopelessly insecure, incapable browser that should have been dragged to the Recycle Bin years ago. (If you work in an office that requires IE 6, you're a victim of computing malpractice -- either by an IT department in denial, or by outside software vendors too lazy or inept to fix Web applications that require that obsolete browser.)

Upgrade already. At least move to IE 8, though you should remember the phrase "current exploit" in that Microsoft note -- some future version of the "Aurora" attack will probably find a weakness in IE that will require yet another patch. So also consider a more capable third-party browser like Mozilla Firefox (just updated to version 3.6 today, which adds a useful feature to warn you of out-of-date plug-ins), Google's Chrome, Apple's Safari or Opera. If you don't know how to install a new browser, beg or bribe a friend to help you through the process. Just get it over with. Today. Please?

By Rob Pegoraro  |  January 21, 2010; 12:49 PM ET
Categories:  Security , Windows  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: New York Times to charge 'frequent' Web readers in 2011 (updated)
Next: Trying to make sense of the Google-China standoff

Comments

No browser is completely secure, but Internet Explorer, being the most widely used, is also the most widely hacked. The same goes for Windows Operating Systems such as Vista or 7. For a comparison of different computers, go to http://www.topfivecomputers.com/
If you prefer a different OS, such as Linux, you can do what I did and set up a dual boot with Linux and Vista. Check out http://apcmag.com/how_to_dualboot_vista_with_linux_vista_installed_first.htm to find out how.

Posted by: nole92 | January 21, 2010 1:11 PM | Report abuse

I don't have those problems with IE because I use a Mac. With it I use four different browsers, Safari, Firefox, Chrome and Camino. I've used Camino for several years, its fast, sleek and does the job just as good or better than the other three. However, I see it wasn't mentioned in this piece. You can check it out here..http://caminobrowser.org/

Posted by: Agridome | January 22, 2010 6:32 AM | Report abuse

I use Mozilla Firefox. Mozilla has, however, a printing problem that has not been fixed. If you want to print, you have to switch the rendering engine using IE Tab. That does not work on banking sites, so one still needs IE or cut and paste into a word processing program. Chrome has the same printing problem.

I still keep IE 6 on my computer. Installing IE 7 completely blew my OS (Windows XP). I am hesitant to try installing IE 8.

Posted by: ssalo | January 23, 2010 1:48 PM | Report abuse

@ssalo:
After reading less than flattering reports in the tech press, I bypassed IE7 and went right to IE8 from IE6. Have had no problems either with three machines at home (XP SP3) or with a room full of training computers at work (XP SP2).

Aside from the training lab, however, most machines at work still are stuck with IE6 because of an INTERNAL Web app which has not yet been rewritten -- ideally to be browser-agnostic, but which at minimum should not be welded to IE6.

BTW, at home and on my own office desktop I also use Firefox and Chrome. I cannot honestly recommend the latest version of the companion Mozilla product SeaMonkey 2.0. Too many bugs still -- a step backward in fact from SeaMonkey 1.1.

Rob, I'd like to see a blog piece on the European Union decision to sell Windows without Internet Explorer. Since in the USA, Internet Explorer is REQUIRED to run Microsoft Update, how will the Europeans keep their version of Windows updated? And why can't we do that here?

Posted by: 54Stratocaster | January 23, 2010 4:09 PM | Report abuse

A few items concerning Firefox. The first is I use Vista home premium and just updated to Firefox 3.6. I have never had any problem printing, I just click file, print preview and then print from there. The other thing is that Firefox V 3.6 doesn't support the Explorer extension, or so it said when I tried to use it after updating to V. 3.6. Another issue is my laptop has an HDMI output and when trying to get sound from my tv instead of my laptop it wouldn't work. I finally figured out the reason last nite. Using Firefox I love the add-on AD Block Plus. This was for some reason blocking the sound from coming from the web site to the TV. I could "test" my sound and it would come from the TV but when watching videos using Firefox sound came from the laptop and I had trouble controlling the volume. Once I disabled Ad Block Plus, all was well. Also be aware that Vista requires you to set the HDMI as your default playback device to listen to sound on your tv but you won't be able to set it to default until you have an HDMI cable plugged into your computer and tv. I hope this helps!

Posted by: bcreek1 | January 25, 2010 12:57 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company