Bonum Certa Men Certa

Internet Explorer Still Not Secure, Still Standards-hostile, and Still Giving the NHS a Headache


Yorkshire air ambulance (NHS)



Summary: Internet Explorer mayday is still here, SVG is still not supported, and British taxpayers pay the price (or pay with their lives)

GOOGLE has issued a challenge to China, removing some censorship in the process (and getting some praise or flak for it). Totalitarians' sympathiser, Microsoft, says it will carry on censoring results for the suppressive regime, which it later denies because it does not want the public to know (bad for PR). We wrote about this before and provided extensive evidence.



Using a new product, Microsoft helps manipulate search engines like Google and it is curious because Google's China attacks were caused by Internet Explorer [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] (and more specifically, Microsoft's negligence [1, 2, 3]). Internet Explorer is still not secure. From the news:



A renowned security research company has revealed that it has managed to discover yet another set to vulnerabilities in Internet Explorer, Microsoft's web browser, a mere day after the company patched the browser after a high-profile and highly-publicized attack on Google in China.


There was also a vulnerability disclosed a day after Microsoft had released patches. How about the vulnerability that's 17 years old? Among the news coverage we have:



  1. Microsoft investigates 17-year-old Windows flaw


  2. Microsoft warns of flaw in 32-bit Windows kernel


  3. Microsoft confirms 17-year-old Windows vulnerability


  4. Microsoft confirms low-risk zero-day in Windows kernel


  5. Microsoft: Identifies 17-Year-Old Bug in Windows – It’s about time


  6. 17-year-old Microsoft flaw affects Windows 7


  7. Microsoft Warns About 17-Year-Old Windows Bug


  8. Microsoft investigating ZeroDay impacting Windows NT Kernel


On the heels of Microsoft announcing an out-of-cycle patch for the ZeroDay vulnerability in Internet Explorer, researcher Travis Ormandy has released details on another ZeroDay that exists in the Windows NT Kernel on every system version from Windows NT 3.1 to Windows 7.


This is confirmed by Microsoft itself by the way.

The NHS, which is a Windows shop for the most part [1, 2, 3, 4, 5], should already abandon Windows or at least abandon Internet Explorer.

Why the NHS can't get its browser act together



[...]

Don't worry, said Microsoft a few days ago: the zero-day vulnerability that Chinese hackers exploited to infiltrate Google's network only affects Internet Explorer 6 (released in 2000) running on Windows XP (released in 2001).

The implication being that nobody uses that still, do they? Ed Bott, who has forgotten more about Microsoft than many people know, says in a vehement blogpost at ZDNet that:
"Any IT professional who is still allowing IE6 to be used in a corporate setting is guilty of malpractice. Think that judgment is too harsh? Ask the security experts at Google, Adobe, and dozens of other large corporations that are cleaning up the mess from a wave of targeted attacks that allowed source code and confidential data to fall into the hands of well-organized intruders. The entry point? According to Microsoft, it's IE6."


Ed Bott is a Microsoft-bribed mouthpiece, so it hardly matters what he says about Microsoft products. He lied about rivals of Internet Explorer a few days ago (by repeating the Microsoft talking points). He is almost ZDNet's way of advertising Microsoft under the more trustworthy guise of "blogs".

As an aside, Internet Explorer still does not support SVG, which has been around for ages. There is no reason to believe that this will change, according to this new analysis which says:

As usual, Microsoft's action drew considerable scrutiny and even skepticism. It's not hard to find commenters who write about "false marriage", "damage" and lock-out. The major market reality that has impacted SVG for years is that all major Web browsers support it--except for Microsoft's Internet Explorer. Numerous projects have decided against SVG in their designs precisely because of this lack.

Initial reaction to Microsoft's decision has been, in my paraphrase: "Finally! Soon IE will support SVG, and we can get back to our programming." I'm unconvinced -- but also unsure that it matters.

There's no guarantee that Microsoft will ever upgrade IE again, let alone that it'll include SVG. Even if it does, it'll be many years before use of earlier versions (IE 5, 6, 7, and 8, for example) falls below whatever threshold decision-makers decide should apply.


We wrote about this in:



Internet Explorer should just be removed from the Internet. It was only put on the Internet in order to sell Windows, Office and along with them substitutes to standards like SVG, so it's not just simply a Web browser.

"In one piece of mail people were suggesting that Office had to work equally well with all browsers and that we shouldn’t force Office users to use our browser. This Is wrong and I wanted to correct this.

"Another suggestion In this mail was that we can’t make our own unilateral extensions to HTML I was going to say this was wrong and correct this also."

--Bill Gates [PDF]

Comments

Recent Techrights' Posts

Another Site Bites the Dust: "Open Source For You" Becoming a Slopfarm (LLM Slop)
What a shame. Another dead site.
Microsoft 'Studies' Again? Leon Musolff is Writing Papers With Microsoft.
Even if one can see/find a link to "the study" (in the Bezos-controlled publication), most people won't look any further and just take everything at face value.
Towards GNU World Domination
The FSF led by Geoffrey S. Knauth with his friend Richard Stallman in the FSF's Board [...] Let's encourage people to adopt GNU/Linux. There has never been a better time.
 
We're Working to Make Full-Site Search Available
This site has over 1,000 'wiki' pages, many thousands of documents, several thousands of videos, and about 50,000 blog posts or articles. We need to make them easier to find/navigate.
Links 24/04/2025: IBM Loses Many Contracts, Intel to Lay Off Over 20% (Not Counting Those Who Leave 'Voluntarily')
Links for the day
Richard Stallman Can Explain to Oxford Artificial Intelligence Society Why LLM Slop is Not Artificial Intelligence and Why It Hurts Society
another 'crop' of LLM slop that damages GNU/Linux and facts
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 23, 2025
IRC logs for Wednesday, April 23, 2025
Open Source Initiative (OSI) Promoting Microsoft and Proprietary Software Using Microsoft Operatives
Because nothing says "Open Source" like GPL violations facilitated by Microsoft
Links 23/04/2025: Crackdowns on Dissent, Palin Loses Libel Retrial Against New York Times
Links for the day
Links 23/04/2025: Hard Times and Digital Amnesia
Links for the day
The GNU/Linux Site Formerly Known as "linoxide.com" is Back... as an LLM Slopfarm!
Better for linoxide.com to go offline than to do this
Get Rid of Back Doors, Don't Obsess Over Bounties and Other Corporate PR Stunts (or Needless Reboot Rituals)
Security as a term has mostly lost its meaning due to repeated misuse for many years
Richard Stallman to Speak in Oxford University Exactly a Day From Now
outsourced to GAFAM
Links 23/04/2025: "Hiding Corruption" and "The Cost of Defunding Harvard"
Links for the day
statCounter Helps Visualise Just How Deep in Trouble Microsoft is (Especially in Africa)
Microsoft sabotaged efforts to connect Africans and equip them with GNU/Linux laptops
The Register is Using Linux-Hostile Clickbait in Articles of Linux Proponents
Don't be a "whore" to advertisers, team El Reg
Microsoft Windows in Cyprus Lacking a Future
Most people access the Web there from mobile
Matrix Has a Severe Problem With Illegal Images
If Matrix cannot get the CP problem under control, many projects and people will dump Matrix
Never Try to Justify Strangulation of Women (Not in the US and Not in the UK)
Joint post by Mrs. Rianne Schestowitz and Dr. Roy Schestowitz
Links 23/04/2025: Tesla Profits Plunge 71%, Intel Ready to Lay Off 20% of Staff, Microsoft and IBM Layoffs
Links for the day
Microsoft's Most Profound Issue is That People Moved to 'Mobile' and "App Stores" (Microsoft's Presence There is Negligible)
Expect a wild ride for Microsoft this year
Google News is Amplifying FUD and Lies About Linux (and OpenSSH/SSH) by Promoting Slopfarms With Machine-Generated FUD and Slop Images
Google should know better
Gemini Links 23/04/2025: Librarians, Anubis, and Refactoring a Gemini Capsule
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 22, 2025
IRC logs for Tuesday, April 22, 2025
Links 22/04/2025: Ending DEI Policies at Adobe, FTC Sues Uber
Links for the day
RMS is Done at KCL, Next Stop is Oxford
The message of RMS has long resonated well in India
US Government Already Bailing Out OpenAI/Microsoft With "Contracts", As Usual, Back Doors You Cannot Remove Becoming 'a Step Closer' on New PCs (Unless Everyone Acts ASAP)
The next "logical" step towards digital prisons
Microsoft Devises PR Stunts to Distract From Impending Mass Layoffs and Likely Bad Results Preceding Those Mass Layoffs
A "voluntary exit plan"
Gemini Links 22/04/2025: Deaths, HamsterCMS, and More
Links for the day
Links 22/04/2025: FTC v. Meta Trial and Google Remedies
Links for the day
In Turkey, Windows Down Rapidly While GNU/Linux Grows
Although Turkey is in NATO (but not the EU), it cannot quite trust computer systems controlled by the United States
GNOME, Microsoft, and GitHub: The Lack of Reporting on Abusive Colleagues Contributed to Profound Media Vacuum (or Blackout), Now Resorting to SLAPPs
This lack of morality/courage has helped enable further abuse, lining up more victims
Richard Stallman Has Updated His Article on Why "Free Software Is Even More Important Now"
Richard Stallman is about to give a talk here in the UK in a few hours
Microsoft Already Attacks the BSDs as Well (the E.E.E. Way, as Usual)
Bearers of bad news
The Open Source Initiative (OSI) is in Trouble, May Soon be Out of Business
Openwashing needs to end
Microsoft's Debt Grew Over 6 Billion Dollars in the Last Reporting Quarter (Before Inauguration), Expect Worse Next Week When 'Results' Are Disclosed and Mass Layoffs Resume
Microsoft is bleeding. It does not want people to notice.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, April 21, 2025
IRC logs for Monday, April 21, 2025
Richard Stallman Gives Public Talk in London in 7 Hours (Need to Register as Venue Limited to 150 Seats), Public Announcements Begin to Appear
These are not announced weeks or months in advance