Barney's Blog

Blog archive

IE Patch Rushed to Market

An IE remote code execution (RCE) flaw is so serious that it just can't wait till April's Patch Tuesday. Instead, an out-of-band fix was released this week.

The RCE issue occurs when someone is led to a malicious Web page and is lured into clicking. The fix applies to all current forms of IE -- from IE 5 to the latest, IE 8.

The patch is actually a cumulative fix, repairing a heaping 10 problems.

Experts see this out-of-band patch as a sign that Redmond is getting more aggressive about fixing problems it or outsiders discover. Some praise this aggressiveness while others see the fixes as symptoms of an underlying disease, and suggest IT move off of IE.

Do you trust IE? Are other browsers really more secure? Your opinions welcome at dbarney@redmondmag.com.

Posted by Doug Barney on 03/31/2010 at 1:17 PM


comments powered by Disqus

Reader Comments:

Thu, Apr 1, 2010 JC Seattle, WA

As mentioned in other posts, IE is the most prevalent browser and therefore more noteworthy when hacked. It's been a while since I checked but the SANS Institute seemed to always have Firefox and Safari higher on their list of vulnerable browsers than IE. I agree with MS that a layered approach to security is advisable. Security through obscurity isn't.

Thu, Apr 1, 2010

IE has two core security issues. First, it is the most popular browser and is default on the most popular OS. This makes IE the most tempting target for people looking for exploits. Second, IE is used as part of Windows Explorer, Outlook and other applications which cause it to be much more complex than other browsers. It took the industry 10 years to find this issue in the most common browser... there will be similar finds in other browsers if they ever get the same face-time.

Thu, Apr 1, 2010 Craig MD

All browsers have flaws and even though some may be more secure today, they can have issues tomorrow. It seems to be a never ending game of updates and fixes, again this applies to all browsers and all software. I use IE8 at work and home on Windows 7 and have not run into any problems.

Wed, Mar 31, 2010 Dan Iowa

On the other hand, if Toyota were using the software programmers that Microsoft uses, they could tell you exactly what caused the car to accelerate. They'd provide a fix for it which you could download, by simply clicking a button on the car, and you could pretty much count on the problem being fixed. Yes, I trust IE more than other browsers. IE may not be perfect, but it has the best patch management system out there.

Wed, Mar 31, 2010 Tom Johnston Newark, DE

Doug; Maybe Toyota is using the software programmers that Microsoft uses.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.