Internet Explorer bug: Microsoft promises more trustworthy updates in future

Enterprise IT vendor Microsoft today promised to beef up security aspects for its Internet Explorer browser while fixing the current bug.

Adrienne Hall, general manager, Trustworthy Computing, Microsoft, in a blog post, said: “Today, we made our browser a bit safer. Next month, it will be better still. You can count on us.”

Microsoft tried to emphasize on the cyber security threats in the blog post. “This connected world, which brings so much goodness to consumers and businesses, also has a dark side:  people and organizations who seek to disrupt technology use and steal information. We are standing guard,” Hall said.

Internet explorer

“We have compiled an admirable track record over the last decade in the way we build our products with security at the core and the way we update them every single month to be more secure, chock full of privacy protections, more reliable  – more trustworthy,” Hall added.

Reuters reported that Microsoft is helping the estimated hundreds of millions of customers still running Windows XP, which it stopped supporting earlier this month, by providing an emergency update to fix a critical bug in its Internet Explorer browser.

Earlier, cyber security firm FireEye warned that a sophisticated group of hackers had exploited the bug to launch attacks in a campaign dubbed Operation Clandestine Fox.

Initial response from Microsoft was not encouraging for the IT industry.

Microsoft on Wednesday initially said it would not provide the remedy to Windows XP users because it had stopped supporting the product. On Thursday, Microsoft started releasing the fix for the bug through its automated Windows Update system. The remedy would be pushed out to XP customers, said Microsoft.

Strong government responses to the security — the first major threat to emerge after Microsoft stopped providing support to its 13-year-old XP operating software on April 8 – have forced the software vendor to change its stand.

Microsoft was under pressure to move quickly as the US, UK and German governments advised computer users on Monday to consider using alternatives to Microsoft’s Explorer browser until it released a fix.

Lack of earlier responses from Microsoft really surprised some of the Microsoft users.

At the end of last week, FireEye initially uncovered attacks involving recent versions of Windows that are still supported by Microsoft.

Then, three days ago, it began identifying attacks on Windows XP, which users would not necessarily have been able to thwart if Microsoft had not decided to roll out the update to XP users in addition to other customers.

Microsoft first had warned that it was planning to end support for Windows XP in 2007, but security firms estimated that 15 to 25 percent of the world’s personal computers still run on the version of the operating system that was released in October 2001.

In her blog post, Hall said: “The security of our products is something we take incredibly seriously, so the news coverage of the last few days about a vulnerability in Internet Explorer (IE) has been tough for our customers and for us.  IE is the safest in the world due to its secure development and ability to protect customers, even in the face of cybercriminals who want to break it.”

“If you are like most people, you have automatic updates turned on, and you’ll get this new update without having to do anything.  If you haven’t turned on automatic updates yet, you should do so now.  Click the “Check for Updates” button on the Windows Update portion of your Control Panel to get this going,” she said.

The company admitted that one of the things that drove much of this coverage was that it coincided with the end of support for Windows XP.  Microsoft has been encouraging Windows XP customers to upgrade to a modern, more secure operating system like Windows 7 or Windows 8.1.

“Though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today.  We made this exception based on the proximity to the end of support for Windows XP,” Hall said.

Microsoft termed the development as a small case – probably blown out of proportion.

Microsoft suggests that if you are on Windows 7, upgrade to Internet Explorer 11. It said its modern operating systems provide more safety and security than ever before. The latest version of Internet Explorer has increased support for modern web standards, better performance, and expanded the ability to deliver an immersive experience from within the browser.

Is Microsoft promising more than it can afford?

Baburajan K
[email protected]