Although not incredibly big news it looks like Microsoft’s Internet Explorer 9 has fallen to exploits on Thursday during the Pwn2Own competition. Once again it was Vupen that managed the exploit. Interestingly enough as with Chrome it took two separate attacks to get past the security in place for IE 9. One is something that has been present in every version of Internet Explorer since IE6 and the other is a non-disclosed 0-day exploit to get past the protected mode available in IE.
Apparently it has been something of a tradition for the Internet Explorer Team over at Microsoft to send a congratulatory pastry to FireFox with each new version they ship. However, now that Mozilla is pushing out a “new” release every six weeks the IE gang has shortened up on the size of the pastry. For their latest release MS sent over a small Cup Cake only. The running joke is that because of the smaller update the congratulatory gift is also smaller.
Mozilla’s new rapid release program is supposed to allow patches and fixes to get to market quicker without the normal delay of a major feature update. This decision by Mozilla has cause mixed feelings in the IT community and also the consumer market. Many feel that the short span is annoying and can be inconvenient. IE on the other hand is sticking with the larger full featured releases which, while some times better developed can also throw wrenches into web page performance and compatibility.
Honestly there really is no better way to do this, but I do wish that both companies would address some of the security and performance issues that are plaguing both browsers. FireFox needs to fix the Flash bug that it has while MS really needs to work on securing the way that Plug-in interact with it (especially allowing elevated privileges).
Still it is sort of funny to find out that the IE team sends over a (cup)cake every time a new version of FireFox ships.
Discuss in our Forum