Comments on: Will Microsoft put bloggers back in their box after IE scare?

By: Matthew

Matthew — Thu, 18 Dec 2008 14:51:10 +0000

Fixed in 48 hours?

Like many vulnerabilities, this is old as the hills, and has been left on the back burner until it became critical.

Maybe it is time to go open source, not that Firefox has an unblemished security record, nor does the webkit engine of Safari and Chrome.

The battle is on a different plane when it’s open source, as both the bad guys and the good guys can trawl the source looking for potential vulnerabilities – there is no “security through obscurity”, as a gaping hole would be discovered by black hats and white hats alike.

By: dollythesheep

dollythesheep — Thu, 18 Dec 2008 13:49:30 +0000

It has been fixed, and within 48h. Well done Microsoft. Too many boo boys have been chipping in with false or irrelevant details. The chances of you going to a legitimate site and loosing your login password are almost zero. The bottom line is that Microsoft was able to get a fix before the criminals exploited it by writing code for more sinister uses.

By: JM

JM — Wed, 17 Dec 2008 18:04:49 +0000

Well, I praise Microsoft for coming clean about this security hole, even if led by one of their bloggers. I hope that any future problem will not be covered up by some corporation-worshipping press officer. After all, if a white-hat security researcher discovers a vulnerability, then the black-hats can do so, too. Better to be warned and wary than living in blissful ignorance. Also, next time, I can see that the problem might easily be a similar security hole in another browser – Apple’s Safari, for instance. I hope that we’d get to know about that if it happened, too.

By: james016

james016 — Wed, 17 Dec 2008 14:48:33 +0000

‘Sup me homies