Microsoft is investigating a recently discovered vulnerability in Internet Explorer 6 that could crash the browser when users visit a “malicious” website.
Details about this security flaw were disclosed via email last week by expert Michal Zalewski. “It doesn’t surprise me, but it seems to be a very… interesting and easily exploitable vulnerability within Microsoft Internet Explorer,” he wrote.
Yesterday, the security firm Secunia issued a warning, indicating that hackers could easily exploit this vulnerability to crash IE. It affects both the patched version of IE 6 and Windows XP with Service Pack 2 installed.
According to a Microsoft representative, the company is investigating the flaw, and at this time, they “have not recorded any attacks exploiting the aforementioned vulnerability.” Once the investigation is complete, Microsoft may issue a warning or provide a patch through their monthly security bulletin.
Acknowledging Mistakes
On the same day, Chairman Bill Gates acknowledged that the IE browser no longer holds a “supreme” position in Microsoft’s web application platform strategy, although it remains quite important. Gates admitted that Microsoft made a mistake by waiting too long for initiatives to upgrade its browser technology.
“We have waited too long for a new browser,” Gates said before an audience packed with some of the most prominent web designers and developers today. “Microsoft has been too immersed in thinking of the browser as the development platform.”
Microsoft plans to release updated versions of IE more frequently, possibly every 9 months to a year. Gates also committed that “IE7 is not the final destination.”
The company’s decreased focus on IE has provided an opportunity for competitors like Firefox and Opera to rise and challenge IE’s dominance in the browser market. But now Microsoft will “respond,” Gates affirmed.
IE7 will incorporate a range of new initiatives to tighten security, be more user-friendly, and introduce new technologies such as RSS (Really Simple Syndication). Microsoft is now considering releasing not just one, but two new versions of IE. Among these, IE7 will be widely released by the end of this year, alongside the new operating system Windows Vista. The version of IE 7 for Windows XP will also be released at the same time.
“Wooing” the Web Development Community
To attract the web development community, which has traditionally favored software from Adobe/Macromedia and hardware from Apple Computer when developing websites and applications, Microsoft has employed a range of strategies.
An anonymous expert revealed that Microsoft even influenced his company and paid him and his colleagues to attend the MIX06 forum. Microsoft also announced Microsoft Expression – a design toolset soon to be released that will directly compete with Adobe’s software.
Lynn Langit, founder and CEO of WebFluent, stated that the reason Microsoft is refocusing on IE is to “establish a dominant position on the Web,” just as the company had done in the desktop realm. Lynn also admitted to being particularly impressed with IE7’s compatibility.
