On the heels of ActiveX vulnerabilities in the image uploading tools for Facebook and MySpace.com, researchers warned Monday that Yahoo Instant Messenger and Yahoo Messenger are vulnerable to ActiveX-based attacks.
“That is what Microsoft got for making the Web deliberately incompatible with rival Web browsers.”The flaw is rated "extremely critical". That is what Microsoft got for making the Web deliberately incompatible with rival Web browsers. While failing to implement standards fully (or maliciously choosing not to) the company was very hard at work constructing a binding between the operating system and the World Wide Web, not to mention a browser dependency. Scott Fulton wrote about this very extensively.
The compatibility problem is not irrelevant to us because it almost perfectly matches the future state of OOXML, shall it be widely adopted. There are already (at least) four versions of OOXML, which companies like Novell, Linspire, Turbolinux and Xandros were pressured and/or paid by Microsoft to support. This was probably done against their will.
What lies ahead? Here is one person's idea:
Backwards compatibility of formats is a curse. An article of Microsoft Internet Explorer Platform architect Chris Wilson provided me with some insights how the market locks in developers of the non-conformant practice.
[...]
What does it mean for Office Open XML? No one can make sure that there will ever be an implementation of OOXML that conforms to the DIS 29500 specification. When changes are made to the specification there is still no guarantee that they would be applied in actual implementations. This is especially of concern for a government user that would decide to adopt a technically fully fixed ISO standard.
[PDF]
