Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's IE Is the Most Targeted Application By Security Researchers

Posted by Unknown on from the easy-pickings dept.

darthcamaro writes "Though Microsoft hasn't yet patched its Internet Explorer web browser in 2014, it did patch IE at least once every month in 2013. According to HP's 2013 Cyber Risk Report, more researchers tried to sell IE vulnerabilities than any other product vulnerability. 'IE is the most prevalent browser on the systems that attackers want to compromise' said Jacob West, CTO of HP's Enterprise Security Group."

8 of 96 comments (clear)

  1. Bear in mind by Big+Hairy+Ian · · Score: 4, Insightful

    IE is such a piece of crap to start with and that most users use it because it's there by default and they don't know any better (Which is a security issue in itself). Of course most Hac**** sorry I mean security researchers are targeting MS & IE. Just wait for MS to die off then we'll see them targeting Apple, Android and whoever the next big thing is.

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    1. Re:Bear in mind by RabidReindeer · · Score: 3, Insightful

      IE is - so Microsoft alleged in the anti-trust trials - "An Integral Part of Microsoft Windows".

      There is absolutely no (technical) reason why this should be, based on the success of competing browsers, but the mere act of close-coupling it with the OS means that there are more ways that exploits to the browser can be converted into exploits for the OS.

      And, since it does come bundled directly with Windows, you can depend on people who either aren't technically-savvy enough or are simply too lazy to take the extra effort needed to secure their systems as IE users.

      So in many ways, IE is the ideal target.

    2. Re:Bear in mind by gigne · · Score: 3, Insightful

      Hey, thanks. what you did there is the browser equivilant of leaving a bag of burning dogshit on my doorstep.

      Opera took a serious wrong turn recently

      --
      Signature v3.0, now with 42% less memory usage.
  2. Re:But, we just said no one use IE? by Opportunist · · Score: 4, Insightful

    You needn't use IE for it to be useful to attackers. It is the one thing present on EVERY SINGLE system running an OS from MS, and it is the one single thing on every MS OS operated PC that is not only well suited to making connections via internet but also the one that the MS firewall routinely allows to in the default setting.

    The good old "we send the user a bogus EXE in mail" isn't really good anymore because of the MS firewall and UAC. Works like a charm, though, with a bogus script abusing an IE vulnerability since IE is considered a "trusted" application by default.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. Give credit where its due by Viol8 · · Score: 4, Insightful

    The low level coders on the ie team did a good job with graphics performance in IE9. Don't tar them with the same brush as the idiot management/marketing layer who think fancy features and bloat are more important than building a secure product from the ground up to start with (and I'm talking about the browser and OS)

    1. Re:Give credit where its due by ibwolf · · Score: 4, Insightful

      Atleast from IE9 onwards (OK and IE8 a bit) they started to notice that standards are a good thing

      No, they just stopped being able to ignore standards due to their shrinking market share.

  4. "Security researchers" by jones_supa · · Score: 4, Insightful

    Ha. I always cringe when black hat crackers are called "security researchers". That's not research, it's malicious destroying of other people's systems and data.

  5. Sell Xbox unit??? by Viol8 · · Score: 3, Insightful

    Yeah , great idea - sell one of the units making a profit!

    Typical short term hedgefund approach to companies - earn us some money now by selling off collateral then we'll dump your shares before they tank. Fucking parasites.