17 Mar 2010
Industry-leading security organisation, the System Administration, Networking, and Security (SANS) Institute has warned firms to beware of phishing scams and 'drive-by' hacking based around Microsoft's latest browser preview release, Internet Explorer 9 (IE9).
The warning on SANS' Internet Storm Centre (ISC) website, points up the several security implications for the new release. "Attackers may start using the lure of installing Internet Explorer 9 as part of phishing and drive-by campaigns" in which opportunistic hackers take advantage of proximity to a wireless network to break it.
SANS ISC also sets out the advantages for both security professionals and hackers, of downloading the IE9 preview.
"Attackers may be interested in exploring what vulnerabilities (if any) exist in the code added to Internet Explorer 9," says SANS ISC, adding that, " security professionals may be interested in exploring what security features and enhancements (if any) are built into Internet Explorer 9."
Key to the new browser preview is Microsoft's support for several HTML 5 features, like the latest version of cascading style sheets (CSS3), scalable vector graphics (SVG), and industry standard audio and video codecs, H.264/MPEG4 and MP3/AAC.
The latest global share for installed browsers from Netmarketshare, shows IE on 61.6 per cent, Firefox on 24.2 per cent, Chrome on 5.6 per cent, Safari on 4.5 per cent and Opera on 2.4 per cent. Moving to support more HTML standards could boost IE's market share.
The latest security patches from Microsoft for March also includes the 'browser choice' update. This EU-only patch polls users about whether they want to install other browsers on their systems, like Chrome, Firefox, or Opera, rather than having IE as the default. This could decrease IE's market share.
There is as yet no official release date for IE9.
We managed to get a blue-screen-of-death while trying IE9. This underscored the huge amount of new and low-level software which IE9 will include to deliver its promised rendering performance. Of course attackers will target this; it will present a large surface area for attack and be deployed widely. So expect IE9 to have a chequered history.
It's not all bad news though: users are winning in the browser wars. IE9 is the latest stage in the performance and functionality war that kicked off with Chrome. See http://blog.workbooks.com/the-reinvigorated-web-browser/
Posted by: James Kay 08 Apr 2010
Have your say on this article
Newsletters
Latest stories from Security Technology
Latest videos
You may also like
Security Technology jobs
Will Google’s new privacy policy impact how you use its services?
Rubbish in... rubbish enterprise. Why proper data management is so important (video, 6 min)
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Upcoming Events
The implementation of robust, relevant digital strategies is more crucial than ever to the success of insurance businesses
Date: 01 Mar 2012
Time: 09:00am
A showcase of the latest in the information content and management
Date: 20 Mar 2012
Time: 09:00am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
