A flaw in Microsoft’s Internet Explorer browser enables Chinese cyber warriors to execute a serious attack against Google. Sounds like a nightmare for bother companies, right? Server Watch sees it differently.
You’d think the news that Chinese hackers used a vulnerability in Microsoft’s Internet Explorer (IE) to attack Google would be a PR disaster for both companies. Surprisingly, the two stand to benefit from the whole affair.
The recently-discovered invalid pointer reference bug found in IE6, IE7 and IE8 that was used against Google is being seen as so grave that it’s prompted the governments of France and Germany to warn their citizens not to use IE at all.
The recommendation of our European chums is to use some other browser — any other browser — instead of IE. (You may think that most people would take any computer security warning from the French, German or any other government with a healthy dose of skepticism, and while that may be true, it’s not exactly a security endorsement, is it?) The most obvious browser to switch to is Mozilla Firefox, IE’s main competitor and an excellent browser — although one not without its own security problems from time to time. “Switching away will get away from this particular problem,” Graham Cluley, a senior technology consultant at Sophos pointed out yesterday. “But all browsers have security flaws.”
Quite right. But just as bank robbers rob banks because that’s where the money is, hackers attack IE because that’s where the users are. The problem with Firefox is that it’s becoming too successful: It has about a 25 percent share of the browser market (although this is small compared to the 66 percent share enjoyed by all versions of IE combined.) Pretty soon it will have enough users for it to be worthwhile attacking more often — especially if every Jean-Pierre and Fritz migrates to it en masse.