Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Internet Explorer
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Security vulnerabilities=== {{See also|Comparison of web browsers#Security and vulnerabilities}} Internet Explorer has been subjected to many security vulnerabilities and concerns such that the volume of criticism for IE is unusually high. Much of the [[spyware]], [[adware]], and [[computer virus]]es across the Internet are made possible by exploitable bugs and flaws in the security architecture of Internet Explorer, sometimes requiring nothing more than viewing of a malicious web page to install themselves. This is known as a "[[drive-by download|drive-by install]]". There are also attempts to trick the user into installing malicious software by misrepresenting the software's true purpose in the description section of an ActiveX security alert. A number of security flaws affecting IE originated not in the browser itself, but in ActiveX-based add-ons used by it. Because the add-ons have the same privilege as IE, the flaws can be as critical as browser flaws. This has led to the ActiveX-based architecture being criticized for being fault-prone. By 2005, some experts maintained that the dangers of ActiveX had been overstated and there were safeguards in place.<ref>{{cite web |url=http://www.eweek.com/c/a/Security/The-Lame-Blame-of-ActiveX/ |title=The Lame Blame of ActiveX |date=April 14, 2005 |access-date=April 7, 2006 |work = Security—Opinions |publisher=eWeek |last=Seltzer |first=Larry }}</ref> In 2006, new techniques using [[automated testing]] found more than a hundred vulnerabilities in standard Microsoft ActiveX components.<ref>{{cite web |url=http://www.securityfocus.com/news/11403 |title=ActiveX security faces storm before calm |date=July 31, 2006 |access-date=July 11, 2009 |publisher=Security Focus |last=Lemos |first=Robert |archive-date=July 25, 2008 |archive-url=https://web.archive.org/web/20080725094146/http://www.securityfocus.com/news/11403 |url-status=dead }}</ref> Security features introduced in Internet Explorer 7 mitigated some of these vulnerabilities. In 2008, Internet Explorer had a number of published security vulnerabilities. According to research done by security research firm [[Secunia]], Microsoft did not respond as quickly as its competitors in fixing security holes and making patches available.<ref>{{cite web |url=http://secunia.com/gfx/Secunia2008Report.pdf |title=Secunia 2008 Report |publisher=Secunia }}</ref> The firm also reported 366 vulnerabilities in ActiveX controls, an increase from the previous year. According to an October 2010 report in ''[[The Register]]'', researcher Chris Evans had detected a known security vulnerability which, then dating back to 2008, had not been fixed for at least six hundred days.<ref>{{cite web |url=https://www.theregister.co.uk/2010/11/01/internet_explorer_600_day_bug/ |title=Internet Explorer info leak festers for 2 years |website = The Register |date = November 1, 2010 |access-date=November 2, 2010 |first = Dan |last = Goodin |location = San Francisco }}</ref> Microsoft says that it had known about this vulnerability, but it was of exceptionally low severity as the victim web site must be configured in a peculiar way for this attack to be feasible at all.<ref>{{cite web |url = https://www.zdnet.com/blog/security/two-year-old-data-leakage-flaw-still-haunts-internet-explorer/7604 |archive-url = https://web.archive.org/web/20101104042202/http://www.zdnet.com/blog/security/two-year-old-data-leakage-flaw-still-haunts-internet-explorer/7604 |url-status = dead |archive-date = November 4, 2010 |title = Two-year-old data leakage flaw still haunts Internet Explorer |work = [[ZDNet]] |publisher = [[CBS Interactive]] |date = November 1, 2010 |access-date = November 2, 2010 |first = Ryan |last = Naraine }}</ref> In December 2010, researchers were able to bypass the "Protected Mode" feature in Internet Explorer.<ref>{{cite web|url=https://www.theregister.co.uk/2010/12/03/protected_mode_bypass/ |title=Researchers bypass Internet Explorer Protected Mode |website=[[The Register]] |date = December 3, 2010 |access-date=December 4, 2010 }} </ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Internet Explorer
(section)
Add topic
