Bonum Certa Men Certa

Internet Explorer Still Not Secure, Still Standards-hostile, and Still Giving the NHS a Headache


Yorkshire air ambulance (NHS)



Summary: Internet Explorer mayday is still here, SVG is still not supported, and British taxpayers pay the price (or pay with their lives)

GOOGLE has issued a challenge to China, removing some censorship in the process (and getting some praise or flak for it). Totalitarians' sympathiser, Microsoft, says it will carry on censoring results for the suppressive regime, which it later denies because it does not want the public to know (bad for PR). We wrote about this before and provided extensive evidence.



Using a new product, Microsoft helps manipulate search engines like Google and it is curious because Google's China attacks were caused by Internet Explorer [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] (and more specifically, Microsoft's negligence [1, 2, 3]). Internet Explorer is still not secure. From the news:



A renowned security research company has revealed that it has managed to discover yet another set to vulnerabilities in Internet Explorer, Microsoft's web browser, a mere day after the company patched the browser after a high-profile and highly-publicized attack on Google in China.


There was also a vulnerability disclosed a day after Microsoft had released patches. How about the vulnerability that's 17 years old? Among the news coverage we have:



  1. Microsoft investigates 17-year-old Windows flaw


  2. Microsoft warns of flaw in 32-bit Windows kernel


  3. Microsoft confirms 17-year-old Windows vulnerability


  4. Microsoft confirms low-risk zero-day in Windows kernel


  5. Microsoft: Identifies 17-Year-Old Bug in Windows – It’s about time


  6. 17-year-old Microsoft flaw affects Windows 7


  7. Microsoft Warns About 17-Year-Old Windows Bug


  8. Microsoft investigating ZeroDay impacting Windows NT Kernel


On the heels of Microsoft announcing an out-of-cycle patch for the ZeroDay vulnerability in Internet Explorer, researcher Travis Ormandy has released details on another ZeroDay that exists in the Windows NT Kernel on every system version from Windows NT 3.1 to Windows 7.


This is confirmed by Microsoft itself by the way.

The NHS, which is a Windows shop for the most part [1, 2, 3, 4, 5], should already abandon Windows or at least abandon Internet Explorer.

Why the NHS can't get its browser act together



[...]

Don't worry, said Microsoft a few days ago: the zero-day vulnerability that Chinese hackers exploited to infiltrate Google's network only affects Internet Explorer 6 (released in 2000) running on Windows XP (released in 2001).

The implication being that nobody uses that still, do they? Ed Bott, who has forgotten more about Microsoft than many people know, says in a vehement blogpost at ZDNet that:
"Any IT professional who is still allowing IE6 to be used in a corporate setting is guilty of malpractice. Think that judgment is too harsh? Ask the security experts at Google, Adobe, and dozens of other large corporations that are cleaning up the mess from a wave of targeted attacks that allowed source code and confidential data to fall into the hands of well-organized intruders. The entry point? According to Microsoft, it's IE6."


Ed Bott is a Microsoft-bribed mouthpiece, so it hardly matters what he says about Microsoft products. He lied about rivals of Internet Explorer a few days ago (by repeating the Microsoft talking points). He is almost ZDNet's way of advertising Microsoft under the more trustworthy guise of "blogs".

As an aside, Internet Explorer still does not support SVG, which has been around for ages. There is no reason to believe that this will change, according to this new analysis which says:

As usual, Microsoft's action drew considerable scrutiny and even skepticism. It's not hard to find commenters who write about "false marriage", "damage" and lock-out. The major market reality that has impacted SVG for years is that all major Web browsers support it--except for Microsoft's Internet Explorer. Numerous projects have decided against SVG in their designs precisely because of this lack.

Initial reaction to Microsoft's decision has been, in my paraphrase: "Finally! Soon IE will support SVG, and we can get back to our programming." I'm unconvinced -- but also unsure that it matters.

There's no guarantee that Microsoft will ever upgrade IE again, let alone that it'll include SVG. Even if it does, it'll be many years before use of earlier versions (IE 5, 6, 7, and 8, for example) falls below whatever threshold decision-makers decide should apply.


We wrote about this in:



Internet Explorer should just be removed from the Internet. It was only put on the Internet in order to sell Windows, Office and along with them substitutes to standards like SVG, so it's not just simply a Web browser.

"In one piece of mail people were suggesting that Office had to work equally well with all browsers and that we shouldn’t force Office users to use our browser. This Is wrong and I wanted to correct this.

"Another suggestion In this mail was that we can’t make our own unilateral extensions to HTML I was going to say this was wrong and correct this also."

--Bill Gates [PDF]

Comments

Recent Techrights' Posts

In Malawi, Windows Down to 10%, GNU/Linux Growing
it's not a small country
[Meme] Featuritis
Newer is not always better
 
"Planets" Cannot Replace Social Control Media, They're Very Much Akin to It (Censorship Hubs, Gatekeepers)
Don't be subjected to gaslighting; make your own OPML file
Topics That Truly Irritate and Consistently Infuriate the Microsofters (Whenever We Cover These)
Censoring uncomfortable information is a difficult activity that has its limits, even in Reddit
Honduras: Vista 11 Down, GNU/Linux Up
Valve sees GNU/Linux as bigger than Apple's MacOS
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, June 13, 2024
IRC logs for Thursday, June 13, 2024
LibrePlanet 2024 and the Lost Video/Audio of Talks
After the event was over someone informed us that due to technical issues they had lost (or failed to acquire) recordings of the talks
Choosing Between Options to Outsource to Evades the Best Solution (Self-Hosting)
Most users don't need this sort of complexity
IBM Layoffs at Kyndryl
This can soon spill over to Red Hat
Turkmenistan: GNU/Linux Leaps Past 5% This Month?
This is how statCounter sees it
Watch This Space
what matters most is not the volume or quantity of publications but their underlying depth and quality
Short Downtimes, Planned Maintenance
Hypervisor maintenance is planned
Links 13/06/2024: Ongoing Sharp Increases in Deaths, Mediterranean Diet Linked to 23% Lower Risk of Death in Women
Links for the day
Gemini Links 13/06/2024: Linuxing of the Dell Laptop and Deep Dive into the World of the OpenEarth Foundation
Links for the day
New Highs for Android in Haiti (Nearly 80%), Microsoft Windows at Only 4%
that's Android at another new high and very close to 80% (it now seems inevitable)
[Meme] How Stefano Maffulli (and Microsoft's Own OSI Insiders) Make Money
Milking what's left of the OSI by attacking its very mission - something that more people now recognise
Mobs Don't Get the Job Done (Mob Leaders Have Lost Credibility/Visibility, Job, or Both)
their demands weren't met
Montenegro: GNU/Linux "Proper" at Over 6%
Windows is down to record lows
Links 13/06/2024: Overpopulation Woes, Best Buy Lays Off More Employees
Links for the day
Nationwide Eventually Did Listen
Miles better than their original nonresponse
The Corruption of Open Source Initiative (OSI), a Front Group of Microsoft and GAFAM, Openwashing Proprietary Things and Even Plagiarism, GPL Violations
Stefano Maffulli (and Microsoft's staff that works with him) basically profits from anti-FOSS
"AI" Tech Bubble
How much "hype quotient" does this whole "hey hi" (AI) thing have left in it?
Links 13/06/2024: Science, Politics, and Gemini
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 12, 2024
IRC logs for Wednesday, June 12, 2024
Gemini Links 12/06/2024: The Rodent Revolution and Adding Twisty Puzzles
Links for the day
Links 12/06/2024: Ukraine War Updates and Many Patents Being Subjected to Squashing Bounties
Links for the day
Ireland Last to Report Election Results
Daniel Pocock's involvement in Australian politics goes back to his university days
Never Sleeps, Never Slumbers
We're going to try to improve not just in quantity but also in quality
[Meme] The Purpose of Life is to Find a Desk
dogs have desks
EPO Has Gotten So Bad That Workers Need to Ask to be Allocated a Desk (at Work)
Wow!!!! An “allocated workplace”!!
Tux Machines Parties Going Well Do Far
Cross-posted from Tux Machines
In Many Countries, Both Large and Small, Vista 11 is Losing Market Share (Despite New PCs Coming Preloaded With It)
One need not even consider large nations in isolation
By "Going Public" the Raspberry Pi Ensures It'll No Longer Serve the Public
It'll be owned and controlled by whatever people wish to control it
Dave Wreski Also Plays the Bot Game (Chatbot) at LinuxSecurity to Fake 'Articles' About "Linux"
How much longer can they fool search engines (SEO) and readers?
[Meme] Indisputable Success
MICROSOFT buys shares of MICROSOFT
Links 12/06/2024: 'Hey Hi' (AI) Bubble Imploding Already, Danish Media Threatens to Sue OpenAI
Links for the day
Links 11/06/2024: Floods in Germany and Brazil, Political Violence
Links for the day
Gemini Links 12/06/2024: Sketching Plants, OpenBSD Pubnix
Links for the day
"2025 the year of Linux on the Desktop"
Charlie Stross quote
In Bahrain, Historically Low on GNU/Linux Adoption, Things Change for the Better
They have some people who understand Free software
Daniel Pocock Received Twice as Many Votes as Andreas Tille (Debian Project Leader After 2024 Election)
From the media yesterday...
Debian is Built by Hundreds of Volunteers and 524 Irish People Voted for Daniel Pocock
524 in that area went to the polling station to vote Daniel Pocock (Ind)
[Meme] RMS is 'Too Old', Says Company Run by a Person 5 Years His Junior (Ginni Rometty) and 10 Years His Junior (Arvind Krishna)
Never again?
[Meme] Women in Computer Science
Grace Hopper, Ada Lovelace etc.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 11, 2024
IRC logs for Tuesday, June 11, 2024
Togo: GNU/Linux Growing Fast This Year, Now Measured at 6%
Sending Bill Gates with a suitcase to bribe African officials isn't enough anymore
Free Software Projects Need to Chase Away Men Who Attack Women Rather Than The Women Who Complain
A just society holds people accountable rather than covers up such blunders
Improving the Image of Women in Free Software by Hiring and Promoting the Proficient Ones
Million's shaman background isn't the problem, or even the superstitious ghost-chasing. The problem is that she has absolutely no background in Free software.
They Say Cash is King
People who value their freedom will pay with cash any time they can
'Team Microsoft' Wants to Leverage Our Popularity as a Weapon Against Us
In the past 2 days we published 64 articles and served over a million HTTP/S requests