NewScientist.com issued an article today regarding what are said to be “extremely critical” security issues in Microsoft’s Internet Explorer web browser. According to the article, three major security flaws have been identified by various computer security professionals. One company, an independent US computer security firm called GreyHats Security Group, published source code which could allow hackers to take advantage of one major flaw in Internet Explorer and gain control of a host computer. GreyHats recently released a statement defending their decision to post the source code, claiming that Microsoft was alerted to the security flaw in October of 2004.
Microsoft has yet to release a fix for any of the identified problems despite their critical nature. According to the US security firm Secinua, all three flaws are extremely severe and pose an active security risk to Internet Explorer users.
In my opinion these “oversights” are going to kill Microsoft in the browser wars, namely against Mozilla’s FireFox Browser, which is gaining both market share and credibility at a rate that is certainly being felt by Microsoft. And while negligence in the security arena is nothing new for Microsoft, there is certain to be greater impact now that viable alternatives to Microsoft products are emerging.