IE8: Safest Browser in the Internet Explorer Range
Internet Explorer 8 (IE8) is the latest iteration of the Microsoft-developed web browser. It has more features than IE6 and IE7, it is faster than IE6 and IE7, and it is definitely safer to use than IE6 and IE7. Why just the other day Microsoft announced it is aware of a new vulnerability that could allow for remote code execution should someone be able to exploit it. Microsoft released Security Advisory 981374 to provide its customers guidance on how to stay protected. A video demo on how the vulnereability works is available here (PandaLabs blog).
The good news is that only Internet Explore 6 and Internet Explorer 7 are affected by this recent vulnerability. The latest version, Internet Explorer 8, is not affected. If you want to stay safe and protected, then you are well advised to leave those older versions of IE behind (especially IE6) and switch to Internet Explorer 8. IE6 in particular should be left behind because as of this month YouTube no longer supports it, nor do Google Docs and Google Sites services. Not to mention that if you’re still on IE6, you’re not getting the most out of Yahoo! Mail.
“The vulnerability exists due to an invalid pointer reference being used within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. Our investigation so far has shown that Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable,” explained Microsoft in the security advisory.
The bad news is that the vulnerability is already being actively exploited to infect Windows-powered computers with a Trojan. “If you are an IE user and have not yet upgraded to version 8, take a hint! It is strongly recommended that you do so. Aside from not being affected from this particular issues, there are a whole bundle of other security related features you are missing out on otherwise,” explained Senior Technology Consultant with Sophos, Graham Cluley.
Here is one of the things you are missing out on: the SmartScreen Filter. According to Microsoft, out of 250 downloads, 249 are genuine, legitimate downloads – but 1 is the result of people with malicious intent tricking the user into downloading malware onto his computer. The SmartScreen Filter prevents malware from being downloaded onto the user’s computer. Ever since it has been implemented in IE8, the SmartScreen Filter managed to block “over 560 million attempts to download malware, recently averaging over 3 million blocks per day,” said Program Manager with IE, Eric Lawrence.
If you would like to get IE8, grab it straight from Microsoft here.
The good news is that only Internet Explore 6 and Internet Explorer 7 are affected by this recent vulnerability. The latest version, Internet Explorer 8, is not affected. If you want to stay safe and protected, then you are well advised to leave those older versions of IE behind (especially IE6) and switch to Internet Explorer 8. IE6 in particular should be left behind because as of this month YouTube no longer supports it, nor do Google Docs and Google Sites services. Not to mention that if you’re still on IE6, you’re not getting the most out of Yahoo! Mail.
“The vulnerability exists due to an invalid pointer reference being used within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution. Our investigation so far has shown that Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable,” explained Microsoft in the security advisory.
The bad news is that the vulnerability is already being actively exploited to infect Windows-powered computers with a Trojan. “If you are an IE user and have not yet upgraded to version 8, take a hint! It is strongly recommended that you do so. Aside from not being affected from this particular issues, there are a whole bundle of other security related features you are missing out on otherwise,” explained Senior Technology Consultant with Sophos, Graham Cluley.
Here is one of the things you are missing out on: the SmartScreen Filter. According to Microsoft, out of 250 downloads, 249 are genuine, legitimate downloads – but 1 is the result of people with malicious intent tricking the user into downloading malware onto his computer. The SmartScreen Filter prevents malware from being downloaded onto the user’s computer. Ever since it has been implemented in IE8, the SmartScreen Filter managed to block “over 560 million attempts to download malware, recently averaging over 3 million blocks per day,” said Program Manager with IE, Eric Lawrence.
If you would like to get IE8, grab it straight from Microsoft here.
