Saturday, September 22, 2012

Internet Explorer Drama

A security hole was found in Internet Explorer early this week that allows cybercriminals to download and run programs onto your computer. How it works is that the program is uploaded to a web server and when a victim browses to a page on that server the server exploits the security breach in Internet Explorer to download the malware with no interaction from the user. A security analyst stumbled upon it while browsing the Internet. The hole is what's known as a zero-day exploit. What this means is that the security breach was found “in the wild” before anybody knew it even existed. So far, there have been three verified cases of web servers exploiting this security hole.

Microsoft has deemed this as a critical security flaw and hustled to create a patch to make their browser safe against such attacks in the future. The patch was released on Friday, September 21st. If you have Windows set to automatically install important updates your system will have installed this update for you. If not, go to To manually download the security patch. You will have to find the version of Internet Explorer you are using and then finding your version of Windows. The blue colored text that reads Internet Explorer X is a link to the appropriate download page for your patch. When you get to that page there will be an orange Download button. Click that button and your browser will download the patch. You can find what version of Windows you're running by clicking the Start Menu and right clicking on Computer or My Computer and selecting Properties from the drop-down menu. You can find your Internet Explorer version by opening Internet Explorer and clicking on Tools and then About Internet Explorer.

While Microsoft was quick to react to this threat it brings up a deeper issue with Internet Explorer. 10 years ago, Internet Explorer was synonymous with the Internet. In 2004 IE had an estimated 91% of the market share. It was simply the best browser you could find, and coming preloaded with Windows there wasn't a reason to look for alternatives. That is no longer the case. In the last 8 years IE's market share has plummeted to an estimated 23%. There is good reason for this fall. Other browsers have caught up to and surpassed IE in nearly every relevant metric. Compared to the competition, IE is slower, takes up more system resources, is less secure and strays farthest from web standards meaning it causes errors on more web pages. For these reasons IE has lost nearly 70% of the market share despite being preinstalled on 90% of desktop computers. While Microsoft did a good job of patching this security hole once it was found, the fact remains that it was a hole that simply didn't exist on any other browser. In light of this last security snafu, many security agencies and governments have urged people to switch away from IE.

By this point in the article you can probably tell that I would be one of those people urging you to drop IE in favor of one of it's competitors. What competitor would I recommend? That depends largely on personal tastes. I will give a brief rundown of the three most popular and well regarded alternatives and leave it to you to decide which is right for you.

Google Chrome – Chrome has become the new market leader in the web browser arena. There are two main reasons for this. Google's goals when it set out to create a browser were to make it faster and lighter than anything on the market and to make it quick and easy to keep up to date. It has succeeded in both areas. Chrome is lightening fast and takes up a small fraction of system resources compared to any of the others on this list. This leaves your computer free to perform other tasks while you have the browser open in the background. However, the upgrading is where Chrome has really separated itself from the competition. Chrome's default setting is to check for, and install, upgrades automatically in the background whenever you launch the browser. This means that if you use Chrome you never have to worry about upgrades or security patches as the browser will take care of this without you even knowing. If this security hole was found in Chrome instead of IE the patch could have been put out the same day and the next time you launched your browser it would have been installed.

Mozilla Firefox – Anybody that was using the Internet in the late 90s remembers the old Netscape browser that gave IE a run for it's money. Unfortunately, Netscape was a relatively small company and simply couldn't compete with Microsoft in the web browser arena. In the end they had to close the doors and stop producing their program. Instead of letting Netscape die, they gave the code to the open-source community known as Mozilla who had been struggling to get their own browser off the ground. Armed with the code from Netscape, Mozilla created Firefox. Since that time, Firefox has been the go-to alternative for people looking to ditch IE. Much of the market share that has been lost by IE over the last 8 years has been lost to Firefox, who now owns an estimated 19% of the market itself.

Opera – The last browser I'm going to mention is Opera. Opera is produced by a privately owned company in Norway. Opera is credited with being on the cutting edge of browser technology despite holding just 5% of the market share. Opera was the first browser to offer features such as tabbed browsing, mouse gestures, caching to RAM, webpage zooming, saving sessions so that you can start from where you left off when reopening the browser, integrated search, pop-up blocking, speed dial, and many others. As you can see, the browser you currently use wouldn't be what it is without copying features from Opera. The feature that I like most, which is now also included in Chrome, is the ability to log into the browser. This will save all of your settings to an Opera server. When you log in from multiple locations Opera will sync the settings so that your favorites and history will be the same where ever you log in from.

There are many other options to choose from, and the differences could be daunting. My suggestion would be to install a couple and decide for yourself what you prefer. If you decide to stick with Internet Explorer though, make sure to follow the link above to the security patch and download it. Even if you have automatic updates activated, you can never be too safe with your online security.

No comments:

Post a Comment