You found me…
Posts tagged internet explorer
Microsoft finally patches 17-year-old bug
Feb 5th
A 17-year-old bug in Windows will be patched by Microsoft in its latest security update.
The February update for Windows will close the loophole that involves the venerable DOS operating system.
First appearing in Windows NT 3.1, the vulnerability has been carried over into almost every version of Windows that has appeared since.
The monthly security update will also tackle a further 25 holes in Windows, five of which are rated as “critical”.
Home hijack
The ancient bug was discovered by Google security researcher Tavis Ormandy in January 2010 and involves a utility that allows newer versions of Windows to run programs that date from the DOS era.
Mr Ormandy has found a way to exploit this utility in Windows XP, Windows Server 2003 and 2008 as well as Windows Vista and Windows 7.
The patch for this vulnerability will appear in the February security update. Five of the vulnerabilities being patched at the same time allow attackers to effectively hijack a Windows PC and run their own programs on it.
As well as fixing holes in many versions of Windows, the update also tackles bugs in Office XP, Office 2003 and Office 2004 for Apple Macintosh machines.
The bumper update is not the largest that Microsoft has ever released. The security update for October 2009 tackled a total of 34 vulnerabilities. Eight of those updates were rated as critical – the highest level.
In January 2010, Microsoft released an “out of band” patch for a serious vulnerability in Internet Explorer that was being exploited online. The vulnerability was also thought to be the one used to attack Google in China.
Following the attack on Google, many other cyber criminals started seeking ways to exploit the loophole.
Also this week, a security researcher has reported the discovery of a vulnerability in Internet Explorer that allows attackers to view the files held on a victim’s machine.
Microsoft has issued a security bulletin about the problem and aims to tackle it at a future date. At the moment there is no evidence that this latest find is being actively exploited online.
IE6 Must Die
Jul 16th
Mashable does a great writeup on why IE6 Must Die for the Web to Move On. The serious downsides to IE6 are:
- CSS v2 (Cascading Style Sheets): This is the code that enables almost all design on the web. In other words, designers have to hack up websites just to make them load in IE6.
- PNG Transparency: A great deal of .png images don’t display correctly in IE6. It basically kills using them in design work.
- General Security: Just like not updating your virus software can get you riddled with spyware, not updating your browser can be a gateway to attacks. There are even code snippets that will shut down IE6. I won’t tell you what they are, but you can find them on Wikipedia. It’s unstable.
- Digg , Facebook , and YouTube (soon): Both Digg and YouTube have announced that they’re cutting back on IE6 support. Facebook already gives you suggestions for better browsers if you try to log in with IE6. You won’t be able to Digg articles or browse YouTube via IE6 in the near future.
You should read through the entire article though if this is something that is of interest to you because they go into HTML5 as well as how IE6 is hurting web development progression in general. As a “web guy” I can’t wait for IE6 to die. When a client says they want to target IE6 (I usually say “current release + one version back” but sometimes they object) I utterly cringe because I know what a PITA it will be.
Catch the full article on Mashable.
Microsoft’s SuperPreview Allows Cross Browser Testing
Mar 19th
Via istartedsomething: Every web developer today faces the challenge of checking website compatibility across a large pool of browsers and browser versions in the marketplace. Up and until now, either you could install every browser, verify the website via a visual inspection and debug with tools specialized to that browser, or you could send a URL to a third-party screenshotting service like BrowserShots for an all-in-one visual inspection. The former is messy and tedious but gives you more control and an opportunity to diagnose problems, whilst the latter is simple but slow and useless to fix the problem. Needless to say, SuperPreview is the best of both worlds.
SuperPreview as a tool allows you to compare different rendering engines in a single unified interface. Simple clicks gives you comparisons between Internet Explorer 6, the native version of Internet Explorer installed, other browsers you may have installed locally – Firefox 3.5, Safari 3, Safari 4 – and even an bitmap images of website prototypes.
Pushing the envelopes a little, Microsoft is also building in support for remote rendering, such as those on different operating systems even. Details about this feature is not entirely clear at the moment, but I would expect this to be more advanced than just an image rendering. On top of just a visual inspection, you have a standard set of modern HTML debugging tools like a DOM inspector, CSS inspector, element highlighting, pixel rulers and guides.
And perhaps what I think is the coolest feature, an overlay mode to compare exactly what’s different for pixel-perfect alignment. Or if you cross your eyes, the web in 3D.
Finally, how you can get your dirty web developer paws on this awesome tool, and it’s a little complicated to say the least. The beta of this software available right now is downloadable from Microsoft.com (250MB). The catch being it only supports renderings between IE6 and versions of IE installed on your computer already, but it should ease the pain of testing for IE6/7/8 compatibility for a lot of devs.
The full and final version of this product will be bundled together with Expression Web 3, sometime later this year and will run as a separate standalone application. Unfortunately for the many Mac web developers out there, because Expression Web is not an application part of the Expression Mac suite, SuperPreview will not be available.
You can watch this announcement and more from MIX09 from the livestream website.
Browser Battle: Nine Browsers Compared
Mar 6th
Repost from my buddy Ken’s site.
MaximPC posted a very lengthy article in which it compared nine different web browsers. The article compares…
- Stable / Upcoming Releases
- Rendering Engines
- User Interface
- Standards Compliance
- Security and Privacy
- Add-Ons and Themes
- Performance
The article is much to lengthy for me to post in its entirety so I’ve posted the intro and a chart that highlights the comparisons. I encourage you to read their entire article.
[MaximPC] Anyone who may have thought the death of Netscape would signal the end of the browser wars, boy were they mistaken. In fact, it could be argued that it was at that point it all began. It didn’t take long for Mozilla’s Firefox to emerge from Netscape Navigator’s ashes, and over time, Firefox would win over enthusiasts with a potent combination of speed, security, and an unprecedented level of customization.
What started as a two-man battle is quickly growing into all-out warfare. Prepare to be overwhelmed by an onslaught of new browser releases in the coming months as Microsoft, Mozilla, Apple, Opera Software, and Google all vie to provide your vehicle for navigating the web. Each one brings something new to the table, whether it be blazing fast performance or a unique feature-set. Don’t worry if you haven’t been paying attention – we jump in the trenches with whole lot of them and get to know each one on a personal basis.
Source: MaximPC
Source: AKSturgeon