Bonum Certa Men Certa

Microsoft's Browser Ballot is Broken Again and Internet Explorer 8 is Critically Flawed

Voter
Poor man's ballot?



Summary: Microsoft makes it difficult to install a Web browser other than its already-installed and already-flawed Internet Explorer 8

THE BROWSER BALLOT has already been through many changes since it was first introduced. Microsoft kept cheating or simply left some self-serving bugs in tact. We wrote about the subject in:



  1. Browser Ballot Critique
  2. Microsoft's Fake “Choice” Campaign is Back
  3. Microsoft Claimed to be Cheating in Web Browsers Ballot
  4. Microsoft Loses Impact in the Web Despite Unfair Ballot Placements
  5. Given Choice, Customers Reject Microsoft
  6. Microsoft is Still Cheating in Browser Ballot -- Claim


Rob Weir from IBM shows that Microsoft's ballot, which it was forced to implement in order to avoid fines (a lot of the press still gets it wrong by characterising it as Microsoft fairness), is simply broken. See the screenshots in Weir's blog as they are self explanatory.

A few weeks ago I wrote about Microsoft’s “browser choice” ballot page in Europe, which in its debut used a flawed algorithm when attempting to perform a “random shuffle” of the browser choices, a feature specifically called for in their agreement with the EU. This bug was fixed soon after it was reported. But I recently received an email from a correspondent going by the name “Skoon” who reported a more serious bug, but one that is seen only in the Polish-language translation of the ballot choice screen.


In other news, there is a major new flaw in Microsoft’s Internet Explorer 8. [via]

The cross-site scripting filter that ships with Microsoft’s Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat.

According to a presentation at this year’s Black Hat Europe conference, the issue introduces security problems at several high-profile websites, including Microsoft’s own Bing.com (screenshot), Google.com, Wikipedia.org, Twitter.com (screenshot) and just about any site that lets IE 8 users create profiles.


Yes, Microsoft's browser is still lagging when it comes to security due to negligence and incompetence [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]. But it's not entirely surprising that while 4 governments encouraged their citizens to abandon Internet Explorer this year, the MSBBC continues to produce Microsoft adverts, including the many Internet Explorer endorsements that we find in the MSBBC [1, 2, 3, 4, 5, 6] on a regular basis (and occasionally report those for scrutiny). Our reader ThistleWeb has more to say about the MSBBC's latest Infomercial:

I saw this promo piece in the BBC about the launch of Microsoft's new Fix-it service and a few things spring to mind. The first is that Microsoft have a long track record of causing more problems than they fix when applying updates. They set Windows to download and apply all critical updates without user intervention. So when a user goes to shut down their PC they have no idea if they have to hang around for 15 mins so that Windows can apply it's updates or not. Similarly they have no idea if those updates will cause a problem when they next start up their PC.

The second is that Microsoft have a history of abusing the term "critical" and slipping in programs like the Orwellian titled WGA (Windows Genuine Advantage). This was apparently a feature a large number of their customers were screaming out for and Microsoft being a listening, concerned company felt they had no choice but to provide; if you believe Micorosoft's PR about it. WGA checks regularly if the copy of Windows it's running on is licensed or unlicensed. If it deems that install of Windows to be unlicensed it causes no end of hassle for the user by disabling services, rebooting, nagware messages about "please contact Microsoft to buy a Windows product key". It's no advantage to customers, only to Microsoft. Yet this has been defined by Microsoft as a "critical" update. To me "critical" means "your PC is at immediate risk without this update".


We have written about this before; in fact, Microsoft marks as "critical" anything that's critical to Microsoft, not to the user. This is probably why one in two Windows PCs is still estimated to be a zombie.

Recent Techrights' Posts

Linux Journal Might Have Become the Latest Slopfarm Targeting "Linux", the Trends Are Concerning for Dying News Sites
They tarnish the Web with junk and then die
On "Learning to Code"
quality may suffer, plus things get bloated
Quick Points Regarding This Week's Court Hearing
it paves the way for us to squash all the SLAPPs from Microsofters
 
"Six years of Gemini!"
From gemini://geminiprotocol.net
Gemini Links 20/06/2025: Summer Updates and Hardware Failures
Links for the day
Links 20/06/2025: Google Shareholder Sues Google and Google Sued for Defamatory Slop ('Hey Hi') Word Salads ('Summaries')
Links for the day
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These
Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer
We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!
Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs
self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt
Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful
The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal
slippery slope
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025
IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!
Links for the day
Links 19/06/2025: Ghostwriting Scam and Fentanylware (TikTok) Buying Time
Links for the day
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Gemini Links 19/06/2025: Unix Primitivism, Zine Club, and Gemini Protocol Turns 6 at Midnight
Links for the day
Links 19/06/2025: WhatsApp Identified as Assassination 'Crosshairs', Patreon Now Rips Off People Even More
Links for the day
"Told You So": Another Very Large Wave of Microsoft Layoffs Now Confirmed in Mainstream Media
So we were right to believe the rumours, based on the credibility of prior such rumours
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 18, 2025
IRC logs for Wednesday, June 18, 2025
Gemini Links 18/06/2025: Magit and Farming
Links for the day
Slopwatch: BetaNews is Now a Slopfarm (Like Linuxsecurity) and Google News is Overwhelmed by Slopfarms
The Web is bad
Links 18/06/2025: SCOTUS Decision on Fentanylware (TikTok) Still Ignored, 4.5-Day Work Weeks
Links for the day
Links 17/06/2025: Windows TCO and G7 Rifts
Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025