eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
The recent rash of security problems related to Windows-based Web browsers has led some to ask if the browsers themselves are to blame—or is Windows itself just not safe?
First, Microsofts Internet Explorer was found to be vulnerable to a number of potential attacks from a Web page. While many of the recently discovered attacks on IE were found to be based on previously patched holes in the browser, an attack that allows for the download and launch of malicious code from a compromised Web server has prompted some security organizations to urge users to consider alternate browsers.
Then, last week, a similar “shell” vulnerability was discovered in the open-source Mozilla browser for Windows. The flaw was quickly patched.
So, whose fault is it, anyway? Two of eWEEK.coms Topic Center editors have opposite answers.
/zimages/3/53065.jpgSteven J. Vaughan-Nichols, eWEEK.coms Linux & Open Source Center editor, lays the blame squarely at Microsofts feet. “No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do,” he says, “the bottom line is that the serious, gut-wrenching problems happen on Windows; not on Linux, not on Mac OS.”
/zimages/3/28571.gifIE users worried about security breaches didnt get many answers from Microsoft during an online chat with its officials. Click here to read more.
/zimages/3/53058.jpgLarry Seltzer, eWEEK.coms Security Center editor, sees it differently. “I think the argument is that Windows should prevent the shell scheme from executing programs, but this isnt a job for Windows,” he says. “This is a job for the browser. All Windows is doing in the case of what was just patched in Mozilla is taking an instruction to run a program and running it. If the browser didnt ask for it, it wouldnt happen.”
/zimages/3/28571.gifCheck out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis.
/zimages/3/77042.gif
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: /zimages/3/19420.gif http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo2.gif