Linked by Thom Holwerda on Mon 18th Jan 2010 22:00 UTC
Internet Explorer Ah, the security vulnerability that was used in the Google attack. It's been around the internet about a million times now, and even governments have started advising people to move away from Internet Explorer. As is usually the case, however, the internet has really blown the vulnerability out of proportion. I'll get right to it: if your machine and/or network has been compromised via this vulnerability, then you most likely had it coming. No sympathy for you.
Permalink for comment 405016
To read all comments associated with this story, please click here.
Thom get your facts straight...
by TemporalBeing on Tue 19th Jan 2010 21:35 UTC
Member since:

That's because this vulnerability only affects users of Internet Explorer 6 on Windows XP.

Actually, Microsoft confirmed that ALL versions of Windows and ALL versions of Internet Explorer are vulnerable; not simply WinXP+IE6.
Please get your facts right.

If your corporate network still uses IE6, the same thing applies. Of course, there are still a number of tools that are designed for IE6, but that's something the developers of those tools should be ashamed of.

Management is more to blame on this, or rather mis-management.

If management bought something to run internally, then they would need to buy a new version of the software, probably with money they don't have as it needs to go elsewhere (e.g. your salary).

Alternatively, management contracted out, and the contract may stipulate a certain version of software be used (e.g. Windows XP, IE6); in which case, the contractor may have their hands tied with respect to upgrading the software until the contract renews - and then, only if the management agrees.

This then comes back to bite management and the contractor - management may have more than one contract with said software stipulated, but not have them all renew at the same time; so they will be reluctant to change the contract.

Likewise a contractor may have a contract with one client with said software stipulated, and may have not have the resources to maintain the software both for that one client and update it for everyone else. (It may be their primary client has the stipulation.)

All said, there are numerous reasons - all of which are legitimate - as to why software may not get upgraded. The problem is breaking the cycle so that the upgrades can happen; or getting management to spend the money (or both).

In a beaurocratic company (basically any company with >10000 employees, and many with less as well) it's a hard thing to get software upgrades. (Many are still migrating or just finishing the migration from Win2k to WinXP!)

Reply Score: 2