Internet Explorer. When popularity means insecurity

Obviously, there is no need to argue that Microsoft Windows is the most popular operating system and Internet Explorer browser included in the OS distribution is the most popular program used to access the web. Some of us do not like this, but it’s the fact that should be regarded. More and more people gets involved into numerous discussions about operating system and browser drawbacks. However, most computer users do not strive to abandon Microsoft products. Why to seek for and switch to different software while the present one simply does it job? Nevertheless, times change. The rise of spyware and constantly appearing security vulnerabilities push users to think about the situation. Many have switched to Internet Explorer (for short, IE) alternatives. We shall not ask you to follow their example, but will try to get it clear, is Internet Explorer really suitable for everyday web surfing?

The key of IE popularity is its simplicity, high integration into the OS and perfect compatibility with different web sites. It’s not a secret that lots of complex Internet projects were made especially for the most popular browser, IE orientation of the Internet is obvious. The browser supports many plug-ins, including modern Java and Flash. Various multimedia applications and even office products include special IE add-ons. Browser interface doesn’t distinguish from common Windows tools – the program looks like another Windows Explorer window. All this makes Internet Explorer a convenient piece of software that doesn’t distract the user from his work. IE hasn’t any exotic functions like mouse gestures or voice control. But profess, do you really need them?

From the other side, IE lacks many simple, but very useful functions, required for usual web surfing. It is improbable that the most popular browser doesn’t offer tabbed browsing and RSS feed reader. Simple pop-up blocking was introduced only in Service Pack 2 for Windows XP. Unlike other products, IE doesn’t support visual themes and extensions.

Image 1. Recent IE version includes a pop-up blocker

The most serious browser problem is insufficient security. IE has native support for ActiveX and VBS scripts, which are exploited by most parasites. Practically all browser hijackers affect Internet Explorer. Besides, its design makes it possible to integrate any malicious browser module through the registry without user knowledge and permission. The browser is being affected by constantly appearing security flaws. Of course, IE rivals also have vulnerabilities. However, these are not critical, because non-Microsoft products are not so highly integrated with the operating system. Many IE bugs can be exploited to give unauthorized remote access to the entire system. The release of Service Pack 2 slightly improved the situation. However, IE updates are available only for Windows XP SP2 users, others will have to use outdated and potentially insecure browser versions.

Image 2. Internet Explorer has native support for potentially dangerous scripts

Blog entry of Rob Franco, lead program manager for IE security at Microsoft about the improved Internet Explorer 7 security model (“Low Rights IE” feature) can be accepted as an oblique admission of IE drawbacks: “The Web site’s code won’t have enough privileges to install software, copy files to startup folder, or hijack the settings for the browser’s homepage or search provider. The primary goal of Low Rights IE is to restrict the impact of a security vulnerability (…) It can limit the damage a vulnerability can do.”

The most popular web browser with default settings enabled is not safe from spyware and other parasites. However, you can severely improve its security by disabling potentially vulnerable features like ActiveX or VBScript. This will make it as much secure as its rivals are. Even if you miss certain features in IE and want to use another browser, you will not abandon Internet Explorer. It is required to access Microsoft Update services and lots of IE-oriented sites.

Like us on Facebook