I don't know if you noticed, but someone is
pasting an increasing number of groups onto this
thread.
>
> "So far, Microsoft "has not seen widespread customer impact, rather
> only targeted and limited attacks exploiting Internet Explorer 6""
> http://news.bbc.co.uk/2/hi/technology/8460819.stm
>
> Someone is still running IE 6?
>
I'm running IE5. My approach is "Never update
anything from MS if you don't have to. The newer
one is always worse." (That's been my rule of
thumb since XP came out.)
But I wouldn't use IE online, either. I just use
it for running HTAs and testing webpages. The bigger
question is why people at Google and other big
tech. companies are using IE.
In any case, it's not just IE6. That's misinformation
that Microsoft is trying to spread. The exploit was found
in all versions from the beginning. It's been shown
to work in IE6/7 and to at least crash IE8:
http://www.theregister.co.uk/2010/01/15/ie_zero_day_exploit_goes_wild/
> Firefox and Mac OSs have just as many security vulnerabilities and
> patches as IE and Windows.
>
If I were going to go online with script enabled
I'd much rather be using FF than IE. (But life's
too short to use MacOS, whether it's safe or not.
Firefox is also easier to configure. Even experts
have a challenging job setting the literally *thousands*
of Registry values associated with IE security. In
Firefox one can just enable or disable javascript.
I'll believe Microsoft cares about IE security when
they block all ActiveX and put a big red button on
the toolbar. The button will enable script per-site,
and when it's clicked it will show one of thise annoying
MS warnings: "Script is not safe. Are you sure you
want to enable script for this website?"
But that won't happen because online companies
want script for tracking, visitors want interactive
pages, and MS wants their browser to work well
with webpages, no matter what. ... And I suppose
that if they ever do rein in script/ActiveX that will be
about the time that exploits of Silverlight start popping
up.