All I want to know is why we have to get this far in
order to understand the incoherence of technology vendor
monoculture? I still don't even understand why any productivity
seeking web user would have IE as their desktop browser (at all,
bar the littany of ill served IE only sites, Yuck!).
Mozilla, FireFox, Opera et al. are all viable
alternatives. Even better, get with the Web 2.0 program using the
emerging pool of RSS Readers / Web Browser
hybrids (note: unfortunately many sill use IE for browsing by
default).
What really gets to me is that the fact thatonce
the ill perceived destruction of Netscape was achieved, Microsoft
went into predictable modemode withIE (nothing to kill
so why innovate, I mean we only innovate to kill products that
potentiallyre-route users away from the Windows Lock-in /
technology cul-de-sac etc..).
Internet Explorer Frame Injection Vulnerability âMark
Laurence has discovered a 6 year old vulnerability in Microsoft
Internet Explorer, allowing malicious people to spoof the content
of websites. The problem is that Internet Explorer doesnât check
if a target frame belongs to a website containing a malicious link,
which therefore doesnât prevent one browser window from loading
content in a named frame in another window. Successful exploitation
allows a malicious website to load arbitrary content in an
arbitrary frame in another browser window owned by e.g. a trusted
site. Secunia has constructed a test, which can be used to check if
your browser is affected by this issue. This vulnerability is
similar to an old vulnerability fixed by MS98-020 in Internet
Explorer version 3 and 4. The vulnerability has been confirmed in a
fully patched Internet Explorer 6 running on Microsoft Windows XP.
Other versions of Internet Explorer may also be affected. Solution:
Disable the following security setting: âNavigate sub-frames
across different domainsâ. [Tools/Internet Options/Security tab
in an Internet Explorer windows or Internet Options/Security tab
from Control Panel.] Do not visit or follow links from untrusted
websites.â