As the discussions regarding the Internet Explorer vulnerability continues in the media, academia, and business and even in my daughter school where she is a teacher. The Government via the Cabinet Office has just released this statement.
“We take internet security very seriously. Complex software will always have vulnerabilities and motivated adversaries will always work to discover and take advantage of them. There is no evidence that moving from the latest fully patched versions of Internet Explorer to other browsers will make users more secure. Regular software patching and updating will help defend against the latest threats.”
The issue of keeping your operating system and all your application software up to date (patched as some of us will know it as) cannot be emphasised to strongly. It is as critical as anti-virus and anti-spyware both of which should also be set to automatic update, firewalls and secure wireless connections.
{ 1 comment… read it below or add one }
I feel it’s a bit weak telling people to keep up to date when they have a choice of only one source of updates and that single source is known to be worse than competitors. A 1999 analysis by SecurityPortal found that little Red Hat was faster to respond to advisories and vulnerabilities than Microsoft (11.23 days on average, compared to 16.10 days) and I’ve seen nothing suggesting that has changed significantly, have you?
Way back in June 2004, the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (CERT) recommended switching browsers for security reasons after Microsoft had failed to patch a critical vulnerability for 9 months. http://www.internetnews.com/security/article.php/3374931
So, this is not the first time this has happened and not a new problem. When will the UK Government honour European Parliament A5-0264/2001 which calls “on the Commission and Member States to promote software projects whose source text is made public (open-source software), as this is the only way of guaranteeing that no backdoors are built into programmes”?