Other browser "not up top par" with IE -RSS

Advanced Search

December 27, 2004 Other browser "not up top par" with IE A Web Exclusive from Windows IT Pro Brett Hill You've Been Hacked! InstantDoc #44909 Windows IT Pro	Email this Article Printer Friendly Reader Comments Digg This Del.icio.us RSS
Subscribe to Windows IT Pro \| See More Security Articles Here \| Reprints \| Or get the Monthly Online Pass—only $5.95 a month!

back to blog index

Referenencing the firefox thread that was going on earlier, I ran across this article:
http://www.securityfocus.com/archive/1/378632

that concludes " It appears that the overall quality of code, and more importantly, the
amount of QA, on various browsers touted as "secure", is not up to par
with MSIE; the type of a test I performed requires no human interaction
and involves nearly no effort. Only MSIE appears to be able to
consistently handle [*] malformed input well, suggesting this is the
only program that underwent rudimentary security QA testing with a
similar fuzz utility."

FYI,
Brett

End of Article

What are you smoking, Brett?

Or are you touting MSIE because you're a hijacker?

Or is Micro$soft paying you to spew FUD?

Or maybe you're just not as smart as you'd like us to believe.

Anonymous User January 25, 2005

http://www.securityfocus.com/archive/1/379207

"(...)although it did take a longer
while for it to give up - three hours - (impressive by comparison to
competitors), it eventually did:

http://lcamtuf.coredump.cx/mangleme/gallery/ie_die1.html

Tested on 6.0.2800.1106, dies in mshtml.dll. This is a NULL pointer
dereference, so merely a DoS condition, but still an evident flaw in
basic HTML parsing.

******************************************************************
* This means that VIRTUALLY EVERY BROWSER IN USE TODAY is unable *
* to securely render HTML. Keeping in mind that not only web *
* browsing, but also integrated e-mail is at risk, it is a grim *
* thought. *
******************************************************************

Anonymous User September 07, 2005 (Article Rating:

)

You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor? Register now

Search You've Been Hacked!

You've Been Hacked!

FEBRUARY 2010

Recently in You've Been Hacked!

Maxthon 2.1 Released

Last Comment
firefox + winamp = heaven, i wons youuuuuuuu...

(1 Comments)

McDonalds China IIS 5 Server defaced

Make a Comment

Other browser "not up top par" with IE

Last Comment
http://www.securityfocus.com/archive/1/379207 "(...)although it did take a longer while for it t...

(2 Comments)

Smart phone device target of Trojan

Make a Comment

Center for Internet Security Scanning tool

Make a Comment

More blogs about technology,
software, and Windows.

ADS BY GOOGLE

Job Openings in IT		SPONSORED LINKS		FEATURED LINKS
		Collaborate with Confidence Accelerate deployment and simplify Microsoft SharePoint management with EMC solutions and services. Calculate your savings now See how SAN is 57% cheaper than DAS over three years Announcing Symantec Backup Exec 2010 With integrated deduplication and unified archiving technology.		Feb 25 - Are your IT Systems distributed? Or Convoluted? Find out why integrated management solutions are more important than ever in today's IT environments and what criteria to consider when evaluating those solutions. Virtualization Faceoff – Join the Discussion Blogs, free poster, videos, community commentary – IT experts and peers face off on VMware & Microsoft virtualization solutions. Should Your Email Live in the Cloud? This Forrester report shows how-to calculate your on-premise email costs and compare with cloud-based alternatives and offers best practices for reducing email costs. Exchange Server 2010: Deploying Unified Communications register for this free virtual event and build your Unified Communications future on a strong Exchange Server 2010 foundation New from Left-Brain.com - Manage VMware with PowerShell Learn how to perform everything from simple ad-hoc reporting at the command-line to complex scripts that automate a massive deployment of hundreds of virtual machines. Solve your old problems using less code than you thought possible!