Reasons to Avoid Microsoft
MS Internet Explorer
These pages are a compilation of links and quotes to news articles and
others sources that might help convince you to switch to Linux.
Next 25 Articles
- Microsoft IE Flaw Exploited by Hackers to Steal Info From Google
In this case the flaw wasn't overly severe, but the attackers were
unusually sophisticated and struck out at businesses, looking to steal
their data. Writes Dmitri Alperovitch, a vice president of research
with McAfee, 'We have never seen attacks of this sophistication in the
commercial space. We have previously only seen them in the government
- Major IE8 flaw makes 'safe' sites unsafe
The latest version of Microsoft's Internet Explorer browser contains
a bug that can enable serious security attacks against websites that
are otherwise safe. The flaw in IE 8 can be exploited to introduce
XSS, or cross-site scripting, errors on webpages that are otherwise
safe... Ironically, the flaw resides in a protection added by Microsoft
developers to IE 8 that's designed to prevent XSS attacks against
- Microsoft confirms that all versions of IE have critical new bug
[Microsoft] adds IE6 and IE8 Beta 2 to the list, recommends disabling
.dll to stay safe. The unpatched bug in Internet Explorer 7 (IE7)
that hackers are now exploiting also exists in older versions of the
browser, including the still-widely-used IE6, Microsoft Corp. said
Warning: Missing argument 6 for item(), called in /var/www/lugod/microsoft/index.php on line 637 and defined in /var/www/lugod/microsoft/includes.php on line 38
- Internet Explorer Unsafe for 284 Days in 2006
(Washington Post 'Security Fix' Blog,
For a total 284 days in 2006 (or more than nine months out of the
year), exploit code for known, unpatched critical flaws in [IE] was
publicly available on the Internet. Likewise, there were at least 98
days last year in which no software fixes from Microsoft were available
to fix IE flaws that criminals were actively using to steal personal
and financial data from users. ... In contrast, [the Open Source Mozilla
Firefox browser] experienced a single period lasting just nine days
last year in which exploit code for a serious security hole was posted
online before Mozilla shipped a patch to remedy the problem.
- IE7 flaw a canary in the coalmine?
Internet Explorer 7 is supposed to be one of the big ones for
Microsoft, a catchup browser five years in the making. Aside from
the catchup features, it was the tighter security that was always
going to be the clincher for many users, particularly in the business
world. However, the perception of a more secure browsing experience with
IE7 is already under strain with the discovery of a flaw just hours
after release. ... one could question the entry of Microsoft into the
security space on the eve of the release of Vista in the first place
... why [would] an operating system vendor in the process of releasing
a supposedly rock solid secure system [...] believe there's money to
be made out of security products for that system[?]
- IE7 Vulnerability Discovered
Not 24 hours after the release of IE7, Secunia reports Internet
Explorer Arbitrary Content Disclosure Vulnerability. So much for the
'you wanted it easier and more secure' slogan found on Microsoft's
- Three's a charm for MS06-042?
It's patch Tuesday again, and Microsoft's hoping three's a charm for
its wayward Cumulative [Internet Explorer] patch, MS06-042. The company
quietly re-released (actually re-re-released) [the patch] today to fix yet
another security hole introduced by the [previous] software update. ...
the [Internet Explorer] patch was updated [...] to fix another remote code
execution vulnerability ... That's almost identical to the problem
introduced in the original version of the patch...
- Hacked Ad Seen on MySpace Served Spyware to a Million
An online banner advertisement that ran on MySpace.com and other sites
over the past week used a Windows security flaw to infect more than a
million users with spyware when people merely browsed the sites with
unpatched versions of Windows... online criminal groups have been using
the flaw to install adware, keystroke loggers and all manner of invasive
software for the past seven months. This stuff bombards the user with
pop-up ads and tracks their Web usage. Only a little more than half
of the anti-virus programs [tested] flagged the various programs that
the Trojan tried to download as malicious or suspicious.
The Yamanner worm does not send itself as an attachment, it resides
inside the e-mail body. The worm activates automatically by just
opening an infected e-mail message with Internet Explorer.
- Internet Explorer Window Loading Race Condition Address Bar Spoofing
[A] vulnerability in Internet Explorer [has been discovered] which can
be exploited by malicious people to conduct phishing attack.
- Microsoft Confirms IE Under Attack
[An] unpatched flaw in Internet Explorer [discovered last week is]
already being exploited by hackers who are using hijacked Web servers
and compromised Web sites to launch a wave of attacks against Microsoft
- Spyware Barely Touches Firefox
Internet Explorer users can be as much as 21 times more likely to end
up with a spyware-infected PC than people who go online with Mozilla's
Firefox browser, academic researchers [said]. ... [Researchers] sent
their crawlers to 45,000 Web sites, cataloged the executable files
found, and tested malicious sites' effectiveness by exposing unpatched
versions of Internet Explorer and Firefox to "drive-by downloads."
... no domain managed to infect the Firefox-equipped PC in a drive-by
- Critical Windows Patch Fights Takeover Attacks
Three image-rendering flaws in the Windows operating system could put
millions of Internet-connected users at risk of PC takeover attacks,
Microsoft Corp. warned on Tuesday. The flaws could be exploited via
any software that displays images, including the widely used Microsoft
Outlook, Microsoft Word and Internet Explorer programs.
- Microsoft probes report of IE flaw
A new flaw in Internet Explorer could be exploited to launch
spoof-based attacks, or access and change data on vulnerable PCs,
security experts have warned. ... An attacker could spoof a legitimate
Web site, access data from the Web browser's cache or stage a so-called
man-in-the-middle attack, which taps into traffic between a user
and another Web site... Fully-patched computers running Windows XP
with Service Pack 2 and Internet Explorer 6.0 are vulnerable to this
- IE flaw puts Windows XP SP2 at risk
A flaw has been discovered in Internet Explorer that could enable a
remote attack on systems running Windows XP with Service Pack 2...
- IE Plagued by 'Extremely Critical' Flaws
Secunia recommends users drop IE and use an alternative browser. ...
Millions of Internet Explorer 6 users are at risk from three 'extremely
critical' security holes that give hackers open access to PCs
running the browser -- even if Windows XP Service Pack Two has been
installed. ... '[A] very critical vulnerability has been developed that
can compromise a user's system without the need for user interaction
besides visiting the malicious page.'
- Microsoft Internet Explorer Multiple Vulnerabilities
Some vulnerabilities have been discovered in Internet Explorer, which
can be exploited by malicious people to compromise a user's system,
conduct cross-site/zone scripting and bypass a security feature in
Microsoft Windows XP SP2. ... Vulnerability 1 and 2, or 3 alone,
in combination with an inappropriate behaviour where the ActiveX
Data Object (ADO) model can write arbitrary files can be exploited
to compromise a user's system. This has been confirmed on a fully
patched system with Internet Explorer 6.0 and Microsoft Windows XP
SP2. Solution: Use another product.
- Symantec: Phel Trojan horse attacks on Windows XP
The Trojan is capable of remotely controlling a user's system even
if the latest Windows XP Service Pack, SP2, has been installed.
- Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting
A vulnerability in Internet Explorer [has been discovered], which can be
exploited by malicious people to conduct cross-site scripting attacks.
The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1/SP2.
- Government says Finnish with IE 6
A government agency in Finland is urging the country's citizens to
avoid use of Internet Explorer until Microsoft has patched the Bofra
vulnerability. ... Microsoft has yet to announce when it will release
a patch for the vulnerability, which was published at the beginning
- Who Profits from Security Holes?
(Benjamin Edelman's website,
How bad is this problem? How much junk can get installed on a user's
PC by merely visiting a single site? I set out to see for myself --
by visiting a single web page taking advantage of a security hole
(in an ordinary fresh copy of Windows XP), and by recording what
programs that site caused to be installed on my PC. In the course of
my testing, my test PC was brought to a virtual stand-still -- with
at least 16 distinct programs installed. I was not shown licenses or
other installation prompts for any of these programs, and I certainly
didn't consent to their installation on my PC.
- Bofra worm sets trap for unwary
Bofra-A poses as photos from an adult webcam in an attempt to
fool users into clicking on a link. Clicking on the link causes
the targeted PC to run malicious script hosted on a previously
infected computer. ... Once a new system is infected, the worm
sets up an embedded web server... Infected PCs establish an IRC
session... allowing hackers to control compromised machines. The worm
also harvests to further its propagation. Unlike standard bulk-mailing
worms, Bofra does not send copies of itself within infected email but
a HTTP link that points to the host that sent the infected email.
- Double MyDoom for Internet Explorer flaw
The viruses use a vulnerability in Microsoft's Internet Explorer 6.0
that allows an attacker to run a program on a computer just by getting
the user to click on a link.
- New URL spoofing bug in Microsoft Internet Explorer
There is a security bug in Internet Explorer 6.0.2800.1106 (fully patched),
which allowes to show any faked target-address in the status bar of the
Collection originally created by, donated to LUGOD by,
and maintained by
Microsoft, Internet Explorer, Outlook, IIS, XP, XBox, etc. are
trademarks or registered trademarks of Microsoft.
Linux is a trademark of Linus Torvalds.
Most category icons created by Bill Kendrick.