IE Security Update - updated
Anyone else having problems installing? I'm running Win 7 and IE11. Tried to download and install the update today and it hangs on the restart. I have to disconnect power cord, remove and reinsert bat...
Forum Discussion
epmes wrote:ChopperBill wrote:
My dad belongs to a computer club. Here is an part of an email he got from one member.
"Microsoft will issue a patch for IE on Tuesday which will fix the program code exploit for all versions of IE and for all versions of Windows. My advice is to be sure to install the patch (Windows Update) on Tuesday or Wednesday. Then quit using IE forever and switch to Chrome or Firefox. Hackers will continue to find weaknesses in IE in the future exposing users to exploits."
Sorry, this is technically inaccurate on a few fronts.
First, the patch was issued yesterday (Thursday) and pushed out through Automatic Updates. It does have prerequisites, though, and assumes that you've been updating your system with other security updates. If you haven't, AU will install those updates first.
Second, we haven't announced what will be in the Patch Tuesday update yet. That's the second Tuesday of the month, not this coming Tuesday, so it's still 11 days away.
Third, of course IE has vulnerabilities. All large software packages have vulnerabilities. What's ironic about some guidance is that people seem to think that Chrome and Firefox are without problems, when in fact they have significantly MORE vulnerabilities than IE. Check Secunia Vulnerability Review or the Symantec Internet Security Threat Report or go straight to the US National Vulnerability Database and do your own searches if you don't believe me. The truth is that if someone wants to target your company, they'll target exploits against whatever browser, OS, and other software you're using. IE consistently comes up as more secure than other browsers in security tests--which is why nearly all governments, financial institutions, etc. use IE in the first place--but it's hard to stack up empirical evidence against some guy in a relative's computer club.
Much better advice would be to not click on email links that take you to sites you don't know or trust, and update your systems. This is always good advice, and would prevent this kind of attack in the first place.
Disclaimer: I work for Microsoft, and it's been a long week.
While IE "may" have fewer security patches, in many respects it IS far less "secure" than FireFox.
Why?
Simply put IE gives the USER a lot less OPTIONS for stopping and preventing malicious code from running.
IE does not have addons like AdBlockPlus (stops a lot of unwanted and potential ads which may contain UNSECURE scripts (got hit with malware TWICE from "roll over" inline ads while using IE a few years ago).
Nor does IE have anything like BetterPrivacy which contains and controls Flash Super Cookies.
Nor does IE have NoScript which STOMPS on ANY JavaScript based code attacks. NoScript while a bit of a pain by far makes for a much secure browser and GIVES the user CONTROL (IE DOESN'T).
Ever since I got hit with malware using IE I switched to FireFox and those addons, Websites load FASTER and so far no more drive by malware attacks. :B
