Microsoft IE breached by new attacks
There is no question that Microsoft's Internet Explorer has become more secure over time. There's also no question that with roughly 69 percent of the global browser market, IE remains a meaty target.
It is therefore not surprising that IE is under attack, though perhaps the recent breach of fully-patched IE is surprising, as as The Register reports:
The attacks target a flaw in the way IE handles certain types of data that use the extensible markup language, or XML, format. The bug references already freed memory in the mshtml.dll file. According to IDG News, exploits work about one in three times, and only after a victim has visited a website that serves a malicious piece of javascript.
As usual, there is browser security and then there's "user of the browser security." I suspect that the former is pretty strong with IE, but the latter...? Well, if someone wants to foolishly visit suspect sites, perhaps they're getting what they deserve.
Matt Asay brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure. You can follow Matt on Twitter @mjasay. 





I think you meant to say: "Well, if someone wants to foolishly use IE, perhaps they're getting what they deserve."
That is closer to the truth.
Gotta be fair to MS :)
In terms of security ineptness, the people behind PHP and many who use it, are easily Microsoft's equal.
Legit sites like CNN, the US Postal Service, and several UK municipalities have been compromised.
http://www.infoworld.com/article/08/10/03/Researcher_finds_evidence_of_massive_Web_site_compromise_1.html
Can't really blame the end users any more :(
-Greg C
- by Martin_Anon December 10, 2008 11:26 PM PST
- That last sentence was just amazingly self-righteous. I enjoy your writing and your articles and expect better from you. I usually expect you to apply a little more thinking to your ideas before publishing something like that.
- Like this Reply to this comment
-
(6 Comments)As for the rest - great stuff!
Thanks.
Regards, Martin.