The German and French governments have warned web users to find an alternative browser to Internet Explorer to protect security. Microsoft has admitted that IE was the weak link in recent attacks on Google’s systems. That Operation Aurora attack used Chinese malware. This broad attack exploits a new, not publicly known vulnerability in Microsoft Internet Explorer. Once the malware is downloaded and installed, it opens a back door that allows the attacker to perform reconnaissance and gain complete control over the compromised system.
Microsoft says that the IE browsers’ increased security setting (security zone to “high”) would prevent any serious risk, but German authorities say that even this would not make IE fully safe. This is a vulnerability that was announced in the last couple of days. Microsoft said that all versions of Internet Explorer were affected and there is no patch yet and Microsoft has not given any details of how soon a fix will be released. The risk is lower with more recent releases of its browser, but it is still there. Google IE flaw issue was clearly a PR disaster for Microsoft. Microsoft is hoping that the knee-jerk reaction of France and Germany is not mirrored elsewhere.
So if you are still using IE 6, then it is finally time time to get rid of that very old insecure browser. Any IT professional who is still allowing IE6 to be used in a corporate setting is guilty of malpractice. If you use IE7 or IE8, you should consider to start using a safer web browser because independent research says that IE 7 and 8 can also be exploited.
When you do the change I would recommend to change to Firefox, Opera or Google Chrome. While every browser has its security issues, the alternatives I have given do not have this vulnerability and should be considerable safer alternatives to IE in many other ways as well.
35 Comments
hydrolyze says:
I have started looking all over for this particular information. Luckily I uncovered it at Google.
KATHI
satellite internet providers says:
Excellent read. Givin you a quick note, the Rss button is not functional in Safari running on Leopard.
Marketing Info says:
Good morning!
I’ve been doing a lot of research online lately regarding traffic and Search Engine Optimization since I just started an marketing blog with a couple of buddies.
The information offered on your site would be of great value to our visitors and I believe your visitors would find great value in our site. Because our two websites are complementary rather than competitive, I see synergy here as an opportunity for our mutual benefit and I’d really like to exchange links with your website. Have a look at our site if you want, we put a lot of work and effort into it and are dedicated to improve it constantly.
We receive a lot of hits already (contact me for visitor stats) and I think both our websites can benefit from one another.
Anyway, just thought I’d share my thoughts with you – keep up the good work and contact me if interested!
Nancey Strutton says:
I love your site.
Madeline Helmus says:
I like your site.
Colby Harder says:
dont be evil
Webhostingpad Coupon says:
Ah, I find the actual fact has unlimited debatable points. I don’t wish to argue with you here, however I have my own opinions as well. Anyway, you did an amazing job in writing the post, and would like to praise you for the onerous work. Keep up with the great job!
Myron Weitze says:
hello there, i just saw your site via yahoo, and i must comment that you write pretty good on your site. i am truly moved by the mode that you express yourself, and the content is excellent. anyhow, i would also love to acknowledge whether you would like to exchange links with my site? i will be to the great extent than willing to reciprocate and put your link on in the link section. waiting for your response, i give my sincere thanks and have a great day!
Rufus Leonek says:
I hate IE, so I use only Firefox or Google Chrome.
Channing says:
Good day, glad i ran across your web blog. It taught me to be to comprehend the subject a little better.
Alden says:
I stumbled onto your blog, i think your blog is awsome, keep writing.
Stouffir Lani says:
Its like you read my mind! You appear to know so much about this, like you wrote the book in it or something. I think that you can do with a few pics to drive the message home a bit, but instead of that, this is wonderful blog. An excellent read. I will definitely be back… Stouffir Lani
signs of autism spectrum disorders says:
There seems to be one thought that has been neglected here.Some of the many things that signal the end of a couuntry/nation/civilisation are:-1. Moral standards (biblical) vanish2. Law fails and corruption reigns supreme3. Personal responsibility, honour and integrity becomes scarce and trust goes out the window (who me? paranoid? never!)4. Life revolves around I instead of us
Tomi Engdahl says:
The US Says Goodbye to IE6
http://windowsteamblog.com/ie/b/ie/archive/2012/01/03/the-us-says-goodbye-to-ie6.aspx
Time to pop open the champagne because, based on the latest data from Net Applications, IE6 usage in the US has now officially dropped below 1%!
IE6 has been the punch line of browser jokes for a while, and we’ve been as eager as anyone to see it go away.
Tomi Engdahl says:
The Internet Explorer 6 Countdown
Moving the world off Internet Explorer 6
http://www.ie6countdown.com/#map
Leigh Kachelmeyer says:
excellent issues altogether, you just won a brand new reader. What could you recommend in regards to your publish that you made a few days in the past? Any certain?
Tomi Engdahl says:
Death of IE6 still greatly exaggerated, says browser hit squad
http://www.theregister.co.uk/2012/02/02/ie6_browsium/
Internet Explorer 6 dead? In your dreams, Microsoft, in your dreams.
Redmond broke out the dancing shoes and did a twirl on IE6′s grave in January, citing data that showed its once-celebrated, now-hated browser had slipped below 1 per cent US market share. The decline followed some determined pushing by, of all people, Microsoft
One problem: the aforementioned data, gathered by Net Applications, counts browsers running on Joe Netizen’s PC. It doesn’t count enterprise users.
IE6 is entrenched because many apps such as ERP and CRM, as well as finance kit from SAP, Siebel and Hyperion – the business lifeblood for many enterprises – have been built to work solely in IE6. Migration is seen as too expensive, time-consuming or too risky: or all three.
For many business running Windows XP, their browser is IE6: they bypassed IE7 and IE8
Maik Reist says:
for years, Iam not anymore use IE….
Tomi Engdahl says:
Internet Explorer: The Browser You Love to Hate
http://www.webmonkey.com/2012/03/internet-explorer-the-browser-you-love-to-hate/
Microsoft has developed a penchant for self-mockery when it comes to the company’s much-maligned Internet Explorer web browser. Microsoft previously put up a website dedicated to eradicating IE6 from the web, and now it’s promoting IE9 by mocking its predecessors.
Microsoft’s The Browser You Loved to Hate promotional campaign — says, old versions of IE were good for only one thing: “downloading another browser.” That’s a sentiment echoed by countless Webmonkey commenters over the years.
Ismael Mynnerlyn says:
great points altogether, you just gained a new reader. What would you suggest in regards to your post that you just made some days in the past? Any certain?
online stock option trading says:
This domain appears to recieve a large ammount of visitors. How do you promote it? It gives a nice unique twist on things. I guess having something authentic or substantial to post about is the most important thing.
hearing aid phonak online says:
My sis advised me about your site and how great it is. Shes right, Im really impressed with the writing and slick design.. Hey very nice blog!! terrific tremendous.
kasor says:
Great post at Do not use Internet Explorer Tomi Engdahl’s ePanorama blog. I was checking continuously this blog and I’m impressed! Very helpful information specially the last part I care for such information much. I was seeking this particular information for a very long time. Thank you and good luck.
Tomi Engdahl says:
Aussie Online Retailer Impose IE7 Tax
http://tech.slashdot.org/story/12/06/14/0253237/aussie-online-retailer-impose-ie7-tax
“Online retailer Kogan will impose a new tax on its customers that visit its website using Microsoft’s outdated Internet Explorer 7 web browser, which means they will spend 6.8 percent more than customers on browsers like Firefox, Opera, Safari and Chrome.”
web team was having to spend a lot of time making its new website look normal on IE7. “It’s not only costing us a huge amount, it’s affecting any business with an online presence, and costing the Internet economy millions,” Mr Kogan said.
If it encourages folks to upgrade to v8 or v9, I imagine microsoft would be pretty happy with it actually. They’ve been campaigning for people to stop using v7
Tomi Engdahl says:
Software Discrimination Is Never The Answer
http://www.linuxjournal.com/content/software-discrimination-never-answer
Last night, as I was perusing social media, a post from a friend caught my attention. It seems that the web-types at Kogan, an online electronics retailer in Australia and the UK, have tired of the additional work required to support Internet Explorer 7, and to even the score, have imposed a 6.8% tax on shoppers using IE7.
While others were celebrating the move, as a Linux user, I was appalled. “What? Appalled? You should be cheering — it’s a master stroke against evil and outdated software!”
No, no it isn’t. It’s discrimination, and of a type that every Linux user has suffered.
I won’t deny that it’s a pain to ensure IE7 compatibility. As a web developer, I know it well. I’m keenly aware of the time I’ve spent fixing sites for IE7, and what it has cost my clients. As a business owner, I’m acutely aware of the cost of accommodating niche sections of the market. I feel the pain.
I understand the allure of a stunt like this — and let’s be honest, with IE7′s market share at 1.5%, this is about publicity, not profit loss
We all run up against a lack of Linux support on a regular basis, and if pressed, the responsible company is guaranteed to reply with a variant of “Sorry, supporting you would cost too much.” What one of us hasn’t heard “We don’t have the resources”, “Linux users aren’t a significant segment of our market”, “We have other development priorities”, and a million other ways of saying “You won’t bring in enough money to be worth our time”?
Cross-platform and cross-browser support is part of the cost of doing business. So are credit card processing fees, employee benefits, and the coffee machine in the break room. Taxing IE7 users because it’s too annoying to support them is as evil as creating IE-only websites that shut out users of Firefox or Chrome. It’s as evil as creating Flash sites that millions of users can’t see. It is the evil of saying “You’d better do what we tell you to, or you’re going to suffer for it.”
Grass Fed Steak says:
It’s appropriate time to make some plans for the future and it is time to be happy. I’ve read this post and if I could I wish to suggest you some intriguing points or guidelines. Possibly you can write next articles referring to this article. I wish to read more things about it!
Dino Bissel says:
I do trust all the ideas you’ve offered in your post. They’re really convincing and can certainly work. Still, the posts are too brief for beginners. May just you please prolong them a bit from subsequent time? Thanks for the post.
Tomi Engdahl says:
Google to axe IE 8 support, cuts off Windows XP lifeline
Waves goodbye to old Microsoft browser on 15 November
http://www.theregister.co.uk/2012/09/17/ie8_ditched_by_google/
Google confirmed late last week that it would soon be killing off support for Microsoft’s now aged browser, Internet Explorer 8, which also means it no longer gives a stuff about Windows XP hold-outs.
The company said in a blog post on Friday that it would discontinue support for IE 8 on 15 November, claiming the move was prompted by the forthcoming arrival of IE 10 on 26 October.
However, IE 8, which launched in March 2009, was also the final MS browser to support Redmond’s 11-year-old workhorse operating system that refuses to die: Windows XP.
Of course, it was Microsoft and not Google that ultimately abandoned Windows XP users by not providing support for them in either IE 9 or the soon-to-be-released IE 10.
Tomi Engdahl says:
Users told: Get rid of Internet Explorer (again)
It’s more like an exploit than a browser
http://www.theregister.co.uk/2012/09/17/yet_another_explorer_zero_day/
Internet Explorer users have been told to ditch the application and switch to another browser, pronto.
The warning comes from Rapid7, which describes a hole that’s exploitable by visiting a malicious Website (and, of course, in the world of Twitter and shortened URLs, it’s so much easier to get users to visit such sites).
Visiting a malicious site gives the attacker the same privileges as the current user
Although the published exploit targets XP, Rapid7 says the attack works on IE 7 through 9 running on XP, Vista and Windows 7.
Romang claims the exploit was created by the same group – Nitro – that recently released a Java zero-day into the wild.
This is one of the few times that a vulnerability has been successfully exploited across all the production shipping versions of the browser and OS
Tomi Engdahl says:
In Internet Explorer, a serious risk – protect yourself against this
When the surfer ends up getting viruses from infecting your website, the site owner can take possession of the computer used for surfing.
There is no correction for this yet.
Microsoft recommendations:
Install: Enhanced Mitigation Experience Toolkit v3.0
Set IE security: intranet and the Internet security level to “high.”
Source: http://www.iltasanomat.fi/digi/art-1288500272218.html
Enhanced Mitigation Experience Toolkit v3.0
A toolkit for deploying and configuring security mitigation technologies
http://www.microsoft.com/en-us/download/details.aspx?id=29851
Critical zero-day bug in Internet Explorer under active attack
Remotely triggered vuln can affect a wide variety of IE and Windows versions.
http://arstechnica.com/security/2012/09/critical-zero-day-bug-in-microsoft-internet-explorer/
Get rid of IE now! « Tomi Engdahl’s ePanorama blog says:
[...] rid of IE now! Internet Explorer users have been told in many sources many times (including my blog): ditch the IE application and switch to another browser, pronto. There is a a new serious hole [...]
Uwe says:
Very good article, I will bookmark your blog.
Ruby Clarke says:
Very interesting article. Thanks for the information!
ClaireSchmidt says:
Now we have IE8 – do you have more information? When working with software we have to learn all the time – so I will visit you blog again. Thanks.
tomi says:
Please write in English next time. Translation of your message to English:
“E-book written and blogging too much, but this blog article is actually one of the best”