Microsoft is investigating a newly discovered vulnerability in Internet Explorer 6, which has the potential to crash the browser when users visit a “malicious” website.
Details about this security vulnerability were disclosed via email last week by expert Michal Zalewski. “I’m not surprised, but it seems to be a very… interesting and easily exploitable vulnerability within Microsoft Internet Explorer,” he wrote.
Yesterday, security firm Secunia released a warning stating that hackers could easily exploit this vulnerability to crash IE. The issue appears in both the patched version of IE 6 and Windows XP with Service Pack 2 installed.
According to a Microsoft representative, the company is currently investigating the vulnerability and at this time, they “have not recorded any attacks exploiting the aforementioned vulnerability.” Once the investigation is completed, Microsoft may issue a warning or provide a patch through their monthly security bulletin.
Acknowledging Mistakes
On the same day, Chairman Bill Gates acknowledged that the IE browser no longer holds the “supreme” position in Microsoft’s web application platform strategy, although it remains quite important. Gates admitted that Microsoft had made a mistake by waiting too long for initiatives to upgrade their browser technology.
“We have waited too long for a new browser,” Gates said before a packed audience of some of the most well-known web designers and developers today. “Microsoft has been too immersed in the mindset of viewing the browser as a development platform.”
Microsoft plans to release updated versions of IE more frequently, perhaps every 9 months to a year. Gates also committed that “IE7 is not the final stop.”
Microsoft’s diminished focus on IE has provided an opportunity for competitors like Firefox and Opera to rise and challenge IE’s dominant position in the browser market. But now, Microsoft will “respond,” Gates asserted.
IE7 will be integrated with a range of new initiatives to enhance security, improve user-friendliness, and incorporate new technologies such as RSS (Really Simple Syndication). Microsoft is now considering the release of not one, but two new versions of IE. Among them, IE7 will be widely released at the end of this year, along with the new operating system Windows Vista. The IE 7 version for Windows XP will also be released at the same time.
“Courting” the Web Development Community
To attract the web development community, which has traditionally preferred Adobe/Macromedia software and Apple Computer hardware for website and application development, Microsoft has employed a series of strategies.
An anonymous expert revealed that Microsoft even influenced his company and paid him and his colleagues to attend the MIX06 forum. Microsoft also announced Microsoft Expression – a suite of design tools set to compete directly with Adobe’s software.
Lynn Langit, founder and CEO of WebFluent, stated that Microsoft’s renewed focus on IE is aimed at “establishing a dominant position on the Web,” similar to what the company achieved in the desktop domain. Lynn also admitted to being particularly impressed with the compatibility of IE7.
