ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Is it finally time to abandon IE?

(1/9) > >>

zridling:

Yesterday's BBC story on IE's latest security flaw makes me wonder whether it's time to give up on IE and [permanently] move on to another browser. Said Mr Ferguson: "If users can find an alternative browser, then that's good mitigation against the threat." Further, "An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. As far as I understand it, that means there is a real danger that Internet Explorer 6, 7, and 8 users could be opening the door to cyber criminals to allow them to ransack the contents of your hard drive."

What to do?
- Make sure anti-virus software is up to date.
- Run Internet Explorer 7 or 8 in "protected mode."
- Set Internet Explorer zone security setting to "High."
- Windows users should enable Automatic Updates so that they get any patch that is issued ASAP.

Bruce Schneier has long held that Microsoft sees security as a marketing problem rather than a technical problem. How many more chances do we give IE, or is it finally time to switch, given the many good choices available?

Josh:
Or just wait for a patch as again, I have not been affected by a single security exploit which wasn't activex related since IE6 SP2. Every time a new security hole is found, the fanatics jump at the chance to bad mouth microsoft. I have stayed patched for years and have never been exploited by IE, again, since V6 SP2.

mrainey:
I've been using Windows exclusively for the past dozen years or so (but not IE for the past five - just don't like it).  I stay patched and try to use common sense.  In all that time, nothing has taken control of or otherwise "zombified" any of my computers.    I'm pretty sure of that, because I don't get porn popups and my bank account hasn't been cleaned out.

Knock on wood, I guess.

Josh:
That, and calling for users to switch due to security holes is just sheer idiocy. Every product has security holes, some get more attention because the product is used far more and by more people. The products used less get noticed less when a hole is found. A hacker is not going to spend hours trying to exploit a hole in a product that only 1-2% of the users use. To get noticed, you have to exploit what is in wide use. Put firefox in IE's shoes and you will see the same thing. How many times have I had to install a second update (3.03 to 3.04) just to fix a problem that the last update 2 days prior introduced? Microsoft at least takes time to fix and test their patches.

justice:
Just dont run IE as an administrator and then this flaw is already a lot less severe. most other flaws are not applicable when run as a limited user.

Navigation

[0] Message Index

[#] Next page

Go to full version