Maybe, just maybe, Microsoft has gotten religion when it comes to spyware and how vulnerable Internet Explorer is to attack. But I worry that the company has only half-way measures planned, and won’t take a few major steps it needs to take to lock down the browser.
Bill Gates, at a keynote speech at the RSA security conference, said that Internet Explorer will finally get a new version, Version 7, well before Longhorn is expected to hit. Beta is due mid-year. And that new version, he claims, will include features to fight spyware, phishing attacks, and malware.
In essence, Gates was forced into this. Firefox is a far superior, far safer browser, and it’s been eating away at Internet Explorer market share.
At the show, Gates was short on details, so we don’t really know how IE will protect against these threats. But no matter how safe Microsoft makes IE, I worry that there are several things that it won’t do, but should. It should do away with ActiveX controls altogether; it’s simply too dangerous a technology and should be abandoned. That would increase safety significantly.
Even more, it should no longer tie IE directly into the operating system. Having the two so closely tied together means that an attack on IE is an attack on your whole computer, not just your browser. There’s no technical reason IE can’t be untethered from Windows; after all, Firefox and other browsers aren’t directly tied in.
I don’t expect this to happen, though. But I do hope that Microsoft will use the revamp of IE to finally give it tabbed browsing, which the company inexplicably has so far refused to do.
In other news from the conference, Gates said Microsoft won’t charge for its consumer antispyware product, which is still in beta. A new version of it, he said, will be out by mid-year. This is very welcome news, because despite some flaws, it’s a very good and useful piece of software.
The good news in all this is that Microsoft is finally committed to fighting spyware and other malware, and has changed its product plans accordingly. But I worry that it will only take half-way measures.
What do you think about the Microsoft security announcement? Let me know.