Items tagged with Internet Explorer
Microsoft recently announced a number of interesting features for its upcoming Chromium-based version of Microsoft Edge. The features are primarily aimed at helping businesses and enhancing privacy. Microsoft’s new version of Edge includes a new “IE Mode”, Collections, and web tracker blocking. Microsoft has specifically designed several things for businesses. Businesses are notorious for their slow adoption of new technology. Microsoft wanted to make the transition to Edge as seamless as possible. Their new “IE Mode” will allow businesses to load old sites directly into the new web browser. The mode will utilize Internet Explorer’s rendering engine and load...
Read more...
Although Microsoft is hoping for a big browser comeback with the Chromium-based version of the Microsoft Edge browser, there’s another browser in the company’s repertoire that many people have already forgotten about. Of course, we’re talking about the “undead” Internet Explorer. Internet Explorer has a long history of poor security (which was one of the reasons for its dwindling popularity), and now a new exploit that takes advantage of the browser has been brought to light. John Page, a security researcher, has discovered an XML eXternal Entity (XXE) vulnerability that takes advantage of MHT files. The main issue is that by default, Windows-based...
Read more...
For many years and through many iterations, Microsoft championed Internet Explorer as the best browser around, and at one time IE dominated the landscape. What about now? Microsoft's message is very different in the era of Windows 10 and Edge (which is undergoing an overhaul to Chromium). In a recent blog post, Microsoft warned of the "perils of using Internet Explorer as your default browser." Internet Explorer is a legacy product at this point. It hangs around because in the old days, so much of the web and the tools businesses built were designed to be compatible with IE. Consider that a decade ago, IE claimed around two-thirds of the browser market, and by some metrics it was still the dominant...
Read more...
Last week, Microsoft released an emergency patch to fix a zero-day security issue in Internet Explorer. If left unpatched, an attacker could exploit the security hole to remotely execute malicious code on a victim's PC when visiting a compromised website. Releasing a patch was all well and good, except that there's an known issue that is quite annoying for some Lenovo laptop owners. "After installing KB4467691, Windows may fail to start up on certain Lenovo laptops that have less than 8GB of RAM," Microsoft lists as one of several known issues. Microsoft is working with Lenovo to resolve the issue through a future update. In the meantime, the company has a couple of suggested workarounds for...
Read more...
Microsoft has released an emergency patch to fix a critical vulnerability discovered in Internet Explorer. If left unpatched, an attacker could exploit the security hole to remotely execute malicious code on a victim's PC when visiting a compromised website. Listed as CVE-2018-8653, the flaw affects all supported versions of Windows. "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current...
Read more...
If you are [for some bizarre reason] still running Microsoft's Internet Explorer web browser, you might want to take notice of a new zero-day vulnerability that is making the rounds around the globe. The exploit is called "Double Kill" and was discovered by Chinese security firm Qihoo 360. Qihoo 360 thankfully isn't divulging any technical details about Double Kill, but it does acknowledge that it has contacted Microsoft to give the company a heads up. What we do know, however, is that Double Kill involves an Internet Explorer vulnerability that uses Microsoft Word documents (usually sent an email attachment) as the attack vector. Opening the Word document is all that is required for...
Read more...
Well this is unsettling news—a security researcher has discovered a bug in Microsoft's Internet Explorer browser that allows remote hackers to view anything and everything you type in the address bar, including web addresses, search terms, and any other text. If you are still using IE as your browser of choice, be advised that the vulnerability exists on the latest version. This is a potentially big deal as nearly a third of all desktop users still surf the web with IE, according to data by Net Applications. Stat Counter reports a much lower usage at 8.61 percent, but either way, IE is still in use today.Image Source: Manuel Caballero The flaw was discovered by Manuel Cabellero, who outlined...
Read more...
Despite all the effort Microsoft is expending in getting Internet users to try out and stick with its Edge browser, Chrome continues to the popular choice. Even worse for Microsoft, Chrome's popularity is growing—it now accounts for more than half of all desktop browser usage and has nearly double the market share of Edge and Internet Explorer combined. Market research firm Net Applications has Chrome sitting pretty with a 54.99 percent share of the desktop browser market, up from 31.12 percent at this moment a year ago, while Internet Explorer and Edge combine for 28.39 percent and Firefox stuck at around 11 percent. Even more interesting is that when Windows 10 launched to the public at the...
Read more...
We suspect there are some high-fives flying around in Mozilla's offices this morning, as the company's Firefox browser has now caught up with and even slightly bumped ahead of both Internet Explorer and Edge combined in desktop browser market share, according to data provided by StatsCounter. It's the narrowest of victories with Firefox claiming a 15.6 percent share of the desktop browser market at the end of April, compared to 15.5 percent for Microsoft's two browsers combined. In horse racing, that would be a photo finish. Even if you want to call it a tie, which you'd be justified in doing, Microsoft can't be thrilled that more users aren't adopting its Edge browser. "Microsoft might have...
Read more...
Psst, Internet Explorer users -- brace yourselves, EOL (End of Life) is coming. It's a new year and apparently Microsoft resolved to reduce the number of browsers it supports to just two, those being Edge in Windows 10 and Internet Explorer 11 in previous versions of Windows. All other IE builds are soon to be obsolete from a security standpoint. The date of execution is January 12 (next Tuesday). At that time, Microsoft will cease supporting Internet Explorer versions 8, 9, and 10. What that boils down to is no more technical support and, more importantly, no more security updates. Anyone who continues using the legacy browsers will find themselves at greater risk of attack.Slowly but surely,...
Read more...
All eyes are on Microsoft as it gets ready to release Windows 10, the next generation operating system that's such a significant upgrade, the Redmond outfit decided to skip right over Windows 9. Microsoft has a lot riding on Windows 10, though it's not just about the OS as a whole. There are subplots at play, like whether or not Microsoft's new Edge browser will rule the web the way Internet Explorer once did.For the first time in forever, Internet Explorer's desktop browser share is below 55 percent, having fallen from 55.15 percent at the May to 54 percent at the end of June, according to Net Applications. If we look back a year ago, IE was holding onto a 58.35 percent share. A 4.35 percent...
Read more...
Microsoft is giving Internet Explorer and Project Spartan browser users a heads up that in future releases, the Do Not Track feature will no longer be enabled by default. On the surface (no pun intended), Microsoft's reasoning for the change is that enabling the privacy feature by default only encourages websites to ignore the setting and use tracking cookies anyway.It's not such an odd leap of logic, and it's one that the World Wide Web Consortium (WC3) agrees with. As WC3 explains, sending a signal to disable tracking "MUST reflect the user's preference, not the choice of some vendor, institution, site, or network-imposed mechanism outside the user's control." So when no user choice exists...
Read more...
It seemed inevitable, but last week, we received confirmation that Microsoft would in fact be killing off Internet Explorer at some point. The death won't happen with Windows 10, however, as the browser is still relied-upon in the enterprise market. Given that, we might not even see it be retired in Windows 11 -- the enterprise world can move at a snail's pace when it comes to software upgrades. Regardless of all that, what's been certain for a while is that Project Spartan would become the primary browser in Windows 10, sporting a brand-new Trident engine fork called EdgeHTML. While it was once believed that both browsers in Windows 10 would bundle in both the EdgeHTML and IE-based Trident...
Read more...
It's always fun to see which security flaws get exploited at Pwn2Own, and this year's event has proven to be no exception. In fact, it could be considered to be one of the most exciting events to date, with JungHoon Lee exploiting three major browsers, and securing a record $110,000 payout for one of the flaws. Starting the day off, JungHoon (aka: lokihardt) breached a time-of-check to time-of-use vulnerability in the 64-bit version of Internet Explorer, breaking out of the sandbox via a privileged JavaScript injection, allowing him to execute medium-integrity code. This flaw netted JungHoon $65,000. His second proof-of-concept was the big one, worth $110,000. It affects both the stable and beta...
Read more...
