Microsoft Prepares Emergency IE Patch

By Craig Buckler
We teamed up with SiteGround
To bring you up to 65% off web hosting, plus free access to the entire SitePoint Premium library (worth $99). Get SiteGround + SitePoint Premium Now

IE patchFollowing recommendations from the French and German governments that users should switch from Internet Explorer, Microsoft has decided to release an emergency browser patch before the next scheduled update on February 9, 2010.

The IE flaw was identified as one of the primary targets of the recent attacks on Google’s GMail and other systems which originated in China. The attack, known as “Aurora,” caused several governments and security companies to issue warnings about IE and recommend users switched browsers until Microsoft produced a patch. (Although some took a more cautious approach stating that attacks were rare and switching browsers might give users a false sense of security.)

Microsoft continue to deny there is a significant problem, but they cannot really win in this situation. By not issuing a fix, the publicity would make people question IE’s security and could prompt businesses and individuals to abandon the browser. By issuing the patch ahead of normal release schedules, Microsoft appears to be admitting that the flaw is as serious as reported.

The Microsoft Security Response Center statement includes:

Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability.

In my opinion, it doesn’t matter whether the security problem is minor or difficult to exploit. You can guarantee programmers and hackers across the world are investigating the flaw because of the publicity which surrounds it. Microsoft is doing the right thing and the patch will be issued once it’s passed the company’s testing procedures.

Many will argue that IE should never have had the flaw in the first place or that it should have been fixed at some point within the past decade. All those who produce perfect bug-free code may mock Microsoft now!…

The most important and interesting stories in tech. Straight to your inbox, daily. Get Versioning.
We teamed up with SiteGround
To bring you up to 65% off web hosting, plus free access to the entire SitePoint Premium library (worth $99). Get SiteGround + SitePoint Premium Now
Login or Create Account to Comment
Login Create Account