News - Microsoft patches critical Internet Explorer hole

[HEXUS]

Microsoft admits to having known about the vulnerability for months.

Read more.

[scaryjim]

Widespread media attention has resulted in Microsoft issuing an out-of-band update that "addresses several vulnerabilities," some of which "could allow remote code execution if a user views a specially crafted Web page using Internet Explorer".

Why does that phrase always put me in mind of a group of dwarves, gathered round a monitor, delicately putting finishing touches to their masterpiece and giggling evilly...?

[Temi_D]

Saw the update this morning and inatalled it. TBH it was blown waaaaay out of proportion. I still use IE8

[TheAnimus]

There is something to be said for making it harder for "semi-targeted" or demographically targeted attacks by having a mix of software. A homogeneous environment is much easier to be naughty in.

Still I wouldn't go as far as encouraging someone to change their browser thou.

[Singh400]

Saw the update this morning and inatalled it. TBH it was blown waaaaay out of proportion. I still use IE8

What he said.

[jamiex]

Surely everyone should just switch to Firefox.

I think it's much better and there aren't as many problems as with IE (though if there are, maybe they're just not as widely reported)

[Singh400]

Surely everyone should just switch to Firefox.

I think it's much better and there aren't as many problems as with IE (though if there are, maybe they're just not as widely reported)

*resists the urge to bite*

[Funkstar]

Surely everyone should just switch to Firefox.

I think it's much better and there aren't as many problems as with IE (though if there are, maybe they're just not as widely reported)

I'll bite.

This isn't the complete argument for IE, but it is a significant one: as I understand it, there is no way to centrally manage security policies for FF without some major hacking. IE on the other hand can have portions enabled or disabled through the Windows Security profile. So I log into a box and get full admin rights, a colleague logs into the same box and gets a very restricted IE experience. even down to having different proxies. None of the alternative browsers can have this level of configuration through the standard windows security system. This is the major reason IE is still the default in corporate environments.


And anyway, I don't like FF, Opera is better IMVHO!

[watercooled]

Why does that phrase always put me in mind of a group of dwarves, gathered round a monitor, delicately putting finishing touches to their masterpiece and giggling evilly...?

You've been playing Runescape too much

[lodore]

Surely everyone should just switch to Firefox.

I think it's much better and there aren't as many problems as with IE (though if there are, maybe they're just not as widely reported)

the reason IE is so widely used is because it comes with windows. most people only discovered firefox because friends reccomended it. I used to use firefox as my main browser but ive had my fair share of issues with it and now prefer opera.

chrome has got tons of users quickly because its advertised on youtube and google.

[Moby-Dick]

Funkstar is absolutely correct - the policy based control is the main reason for Enterprise use of IE. ( that and a lot of our apps are written for IE )

[badass]

( that and a lot of our apps are written for IE )

Do they run on later versions of IE than 6?
That's one thing I hate about corporate desktops. Most still use IE6. We currently use IE7 as we haven't had enough time to test IE8 and by the time we have, we will be planning a Windows 7 rollout so it's a bit moot.

[12GaugeShotty]

I'll bite.

This isn't the complete argument for IE, but it is a significant one: as I understand it, there is no way to centrally manage security policies for FF without some major hacking. IE on the other hand can have portions enabled or disabled through the Windows Security profile. So I log into a box and get full admin rights, a colleague logs into the same box and gets a very restricted IE experience. even down to having different proxies. None of the alternative browsers can have this level of configuration through the standard windows security system. This is the major reason IE is still the default in corporate environments.


And anyway, I don't like FF, Opera is better IMVHO!

Major hacking? Adblock and NoScript are quite easy to install.

[Funkstar]

Major hacking? Adblock and NoScript are quite easy to install.

Yes, from individual machines, or perhaps if you remote in from another PC. But would you like ot do that to 300 PCs? and what about different access right for separate users on the same PC?

I'm sure you could script all this using logon scripts, but that's going to be a complete kludge, and will probably require you to actually install FF every time the user logs in.

Trust us on this one, there is nothing out there than can me managed (from a network admin point of view) than IE.

[aidanjt]

Eh? FF doesn't need security policies, because it's plain contained to a users profile, it has no low-level CraptiveX system access at all. And a sane package manager can push out security addons and updates to FF over the network.

[Mama Sumae]

and anyway, i don't like ff, opera is better imvho!

+1