IE users advised to switch over flaw |
Follow the ups and downs of a new Seattle startup in a series of behind-the-scenes posts by its founders.
Today On Techflash
- Shares of drugstore.com rise after results
- Rhapsody going independent
- Microsoft unimpressed with Google Buzz
- WGA 'spyware' suit vs. Microsoft dropped
- Paul Allen's Brangelina moment
- LiquidPlanner hire, Paul Allen and more
- Tell us your sales horror stories
- Calbucci to sell Twitter list service
- A color screen for the next Kindle?
Tech Events
Mass High Tech
- Gates, Ozzie, Microsoft execs patent 'personal data mining'
- Bill Gates, startup lessons and other top stories of the month
- Bill Gates' shirt, iPad vs. Kindle and other comments of the week
- Bill Gates on The Daily Show: 'I am a very loyal Microsoft user'
- Bill Gates on Daily Show tonight, maybe this time he'll stick around
IE users advised to switch over flaw
[Update: Microsoft plans to release a patch for the flaw Wednesday morning. Details at the bottom of post.]
Microsoft is offering an elaborate set of workarounds to help Internet Explorer users avoid attacks on an unpatched flaw that surfaced last week. Security researchers and bloggers are offering a different solution: Stop using IE altogether, at least temporarily.
"Switch to another browser, preferably Firefox. This is by far the best option," writes Richard Wray of the Guardian in a post today.
For all of the efforts Microsoft has made to tighten the security of its software, the situation demonstrates the continued potential for vulnerabilities to affect market share. Internet Explorer's problems with spyware helped Firefox gain traction several years ago.
The latest flaw lets hackers attack computers that visit compromised Web sites. It's especially concerning because it's a "zero-day" vulnerability, already being exploited before a fix is available. Microsoft says it's investigating the situation and will take "appropriate action," which could include issuing a patch out of its normal monthly cycle.
"I would advise Windows users to consider browsing the Web with anything other than Internet Explorer, at least until Microsoft issues a patch to fix this vulnerability," wrote Washington Post security blogger Brian Krebs in a post after the flaw came to light last week. "It is not my intention to over-hype the situation, but as we have seen time and again, attackers are usually very quick to take advantage of flaws in IE because the program is the default browser for close to 80 percent of the planet."
Microsoft, meanwhile, seems to be grappling with precisely how to characterize the severity of the situation.
In a post Saturday on the Microsoft Malware Protection Center blog, Ziv Mador and Tareq Saade initially wrote that they saw "a huge increase in the number of reports today compared to yesterday." That language has since been changed to say that they saw "an increase of over 50% in the number of reports today compared to yesterday."
Watch this Microsoft site for ongoing details and updates on the flaw.
Update, 2 p.m.: Microsoft said this afternoon that it will issue a special security patch for the Internet Explorer vulnerability Wednesday morning via Automatic Updates and Microsoft Update. Details on this Microsoft page.
About Todd Bishop
Todd Bishop is co-founder and managing editor of TechFlash. He has covered Microsoft and the technology industry for more than five years, most recently as a daily newspaper reporter and blogger based in Seattle.
READ FULL BIOGRAPHYRecent Sponsor Posts
Seattle Repertory Theatre presents Glengarry Glen Ross Feb 5th to Feb 28th
One of the largest and most renowned regional theatres in the country, Seattle Repertory Theatre produces a mix of celebrated classics, recent Broadway hits and cutting-edge new works in two theatre spaces. Now playing David Mamet's American classic Glengarry Glen Ross through February 28. Join us for Sales Rep Industry night February 11 with the Puget Sound Business Journal. For details click here.
Join the Microsoft WebsiteSpark program and get software, support and visibility – at no upfront cost. You’ll benefit from fast and easy access to current Microsoft development tools, platform technology and server products including Visual Studio, Expression Studio, Silverlight, Windows Web Server 2008 and SQL Server 2008 Web.
Seattle-based Adhost is a WebsiteSpark hosting partner providing dedicated servers with free Windows Web Server 2008 and SQL Server 2008 licensing for three years to Web developers enrolled in WebsiteSpark. Servers are located in our secure data center with SAS 70 Type II certification, 24x7 technical support and 24x7 client access.
WTIA 15th Annual Industry Achievement Awards
Held on March 4th at the Showbox SODO, this casual event celebrates and recognizes some of the best emerging and established companies in the Washington Tech Industry. The evening will feature a finalist company technology showcase and a variety of coffee, chocolate, and wine samples from local companies. More than 800 attendees are expected to be present at the celebration. Public online voting for Technology Leader of Tomorrow Scholarships will open February 3rd on the WTIA site.
We congratulate the 2010 finalists and look forward to unveiling the winners on March 4th. REGISTER NOW!
From the trenches
