The vulnerabilities are related to the browser’s domain/zone security model, the DHTML object model, MIME-type determination, and ActiveX. This means that hackers could install remote access Trojan programs that will enable them to control a victim’s computer. The hackers could also install software to capture a victim’s keystrokes to steal data such as bank account numbers, credit card numbers and passwords.

So how serious is this problem? The US-CERT is suggesting to users to switch browsers namely: Mozilla, Opera, Netscape or FireFox. With this advisory, coupled with user’s frustrations, netizens have responded by downloading Mozilla software 200,000 times per day, an all-time high for the open source browser.
Unfortunately, Mozilla suffered its share of reliability issues, and was forced to issue a software patch to counter a newly discovered vulnerability affecting its Internet browsers.

Microsoft has responded with a series of patches designed to plug vulnerabilities in its Windows operating system, Internet Explorer web browser and other software. But software users are growing weary of continuously updating previously purchased software to protect them from security and reliability threats.

This makes me wonder whatever happened to Microsoft’s “Trustworthy Computing” initiative? A commitment they made a couple of years back to greatly enhance the security features of their software. It seems that more holes and vulnerabilities are being discovered each day; security vulnerabilities of Microsoft’s software products have become more critical than before.

And there seems to be no end for Microsoft’s woes. Just recently, a new type of virus called “Dust”, or “WinCE4.Dust” was found infecting Pocket PCs and smartphones. Although the risk is still considered low-level, can you imagine if viruses attack our mobile phones (another virus called “Cabir” was found infecting Symbian OS), the Philippine will not only be the texting capital of the world but will also be the virus capital of the world.

Given the problems at hand, what should the users do? Be vigilant. First, you need to keep your machine “patched” or update the anti-virus and security settings of your PC. Second, you need to make sure you have good anti-virus software. Third, you need a good personal firewall. And for IE users I urge you to disable Active scripting and ActiveX controls in the Internet Zone.

I can only surmise what Microsoft would say about all these. It has bandied its official line that there’s no such thing as a perfect application. And with Internet Explorer the most widely used browser, it follows as day follows night that it would be the most tempting target for hackers, virus authors and other cyber-criminals.

My reply would be: Yes, there’s no such thing as a perfect application but there is such a thing as a sub-standard application. And while it’s true that IE is the most popular browser nowadays, I would just like to quote what Uncle Ben advised Peter Parker: “With great power comes great responsibility.”

So will this kill Bill’s dream of Internet dominance? It seems headed that direction.

For comments, please email infochat@mozcom.com or visit www.infochat.com.ph