Another day, another Internet Explorer vulnerability. Ho-hum, you might say. Who can keep track of them all? The U.S. Computer Emergency Readiness Team (CERT) issues yet another advisory, Microsoft issues yet another patch, and the world goes on.
Except this time it’s different. CERT’s advisory, as always, includes recommendations on how to protect yourself against the vulnerability. But buried at the bottom is this bombshell recommendation: “Use a different Web browser.”
So here we have a team funded by the U.S. Department of Homeland Security recommending that we all give up Internet Explorer. As you might guess, downloads of alternate browsers Mozilla and Firefox have gone through the roof.
But should you give up Internet Explorer? First, look at the roots of the vulnerability. It’s true that no one will ever accuse Microsoft of being overly focused on security. But on the other hand, there’s one primary reason that malware writers target IE rather than other browsers - it’s the browser that everyone uses. If Mozilla or Firefox were to suddenly become the most popular browser, either would be Target Number One as well.
ActiveX presents a big tempting target, and malware authors have taken advantage of it. Internet Explorer supports it; Mozilla and Firefox (and Opera) don’t. But when you give up ActiveX, you give up a lot. If you ever use the Web for Windows Update, you use ActiveX, for example. And there are plenty of other places that use it as well.
So for now, I’m still using Internet Explorer, although I’m about to download Firefox as well. Maybe I’m a tempting target, but isn’t computing about living dangerously?
Are you ready to give up Internet Explorer? Let me know.