Face-Off: Whos to Blame for Browser Holes? | eWeek

Face-Off: Whos to Blame for Browser Holes?

Verfasst von
Sean Gallagher
Sean Gallagher
Jul 12, 2004
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren

The recent rash of security problems related to Windows-based Web browsers has led some to ask if the browsers themselves are to blame—or is Windows itself just not safe?

First, Microsofts Internet Explorer was found to be vulnerable to a number of potential attacks from a Web page. While many of the recently discovered attacks on IE were found to be based on previously patched holes in the browser, an attack that allows for the download and launch of malicious code from a compromised Web server has prompted some security organizations to urge users to consider alternate browsers.

Then, last week, a similar “shell” vulnerability was discovered in the open-source Mozilla browser for Windows. The flaw was quickly patched.

So, whose fault is it, anyway? Two of eWEEK.coms Topic Center editors have opposite answers.

/zimages/3/53065.jpgSteven J. Vaughan-Nichols, eWEEK.coms Linux & Open Source Center editor, lays the blame squarely at Microsofts feet. “No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do,” he says, “the bottom line is that the serious, gut-wrenching problems happen on Windows; not on Linux, not on Mac OS.”

/zimages/3/28571.gifIE users worried about security breaches didnt get many answers from Microsoft during an online chat with its officials.Click hereto read more.

/zimages/3/53058.jpgLarry Seltzer, eWEEK.coms Security Center editor, sees it differently. “I think the argument is that Windows should prevent the shell scheme from executing programs, but this isnt a job for Windows,” he says. “This is a job for the browser. All Windows is doing in the case of what was just patched in Mozilla is taking an instruction to run a program and running it. If the browser didnt ask for it, it wouldnt happen.”

/zimages/3/28571.gifCheck outeWEEK.coms Security Centerat http://security.eweek.com for security news, views and analysis.

/zimages/3/77042.gif

Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page:/zimages/3/19420.gifhttp://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo2.gif

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.