ReviewGeek: Microsoft Rips Internet Explorer Away From Users Still Holding On. “Internet Explorer had a great run, but the writing has been on the wall for years. Microsoft officially said goodbye to the long-running browser back in June. Today, it confirmed that a new Microsoft Edge update would permanently disable Internet Explorer on Windows 10 and send it into retirement.”
New York Times: Even in Death, Internet Explorer Lives On in South Korea. “On Google Chrome, you can’t make business payments online as a corporate customer of one of the country’s largest foreign-owned banks. If you’re using Apple’s Safari, you’re unable to apply for artist funding through the National Culture and Arts website. And if you’re a proprietor of a child care facility, registering your organization with the Health and Welfare Ministry’s website is not possible on Mozilla’s Firefox. In all these cases, Microsoft’s Internet Explorer, or a similar alternative, is the required browser.”
RFI: RIP Internet Explorer: South Korean engineer’s browser ‘grave’ goes viral. “In honour of the browser’s ‘death’, a gravestone marked with its signature ‘e’ logo was set up on the rooftop of a cafe in South Korea’s southern city of Gyeongju by engineer Kiyoung Jung, 38. ‘He was a good tool to use to download other browsers,’ the gravestone’s inscription reads.”
Associated Press: So long, Internet Explorer. The browser retires today. “Internet Explorer is finally headed out to pasture. As of Wednesday, Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate — and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history.”
PCWorld: RIP Internet Explorer: Microsoft’s iconic browser is being killed off in June. “Believe it or not, Microsoft’s Internet Explorer still lives. But not for long. If you’re one of those people who is still reliant on Internet Explorer (hi, Dad!), Microsoft has some bad news: Microsoft will officially end support for the Internet Explorer desktop application on June 15, 2022.”
TechRadar: Google finds zero-day security flaws in all your favorite browsers. “DIscovered by Google’s Threat Analysis Group (TAG), the four vulnerabilities in Google Chrome, Internet Explorer, and WebKit, the browser engine used by Apple’s Safari, were used as a part of three different campaigns.”
BetaNews: Microsoft is finally ready to kill off Internet Explorer once and for all… for most people. “Internet Explorer may be a stalwart of the world of web browsers, but it has also been an object of ridicule and derision for pretty much its entire life. Since the emergence of the Chromium-based Microsoft Edge, the writing has been on the wall for the browser just about everyone loves to hate, but IE has been lingering for longer than many people would have expected. But now Microsoft is finally ready to pull the plug. Sort of.”
BetaNews: Microsoft is finally ditching Internet Explorer and legacy Edge. “With Internet Explorer having shown its age for a very long time, and with Microsoft pushing out the new Chromium-based version of Edge, it is little wonder that the company is ready to kill off its older browsers. Microsoft has now set out its timetable for sunsetting legacy Edge in Windows 10 and the dropping of support for Internet Explorer. The changes start later this year, and in twelve months’ time the process of moving on will be complete — from Microsoft’s point of view, at least.”
Bleeping Computer: Microsoft’s IE Zero-day Fix is Breaking Windows Printing. “Unfortunately, the scope of issues being caused by applying this fix is greater than originally thought. Since applying this fix, many users have reported that this fix is also causing printing to fail on HP printers and other USB printers. When users attempt to print they receive I/O errors and the print jobs fail.”
Lifehacker: Block Internet Explorer’s Latest Vulnerability With This Workaround. “Microsoft disclosed a troublesome vulnerability in Internet Explorer last week, affecting various permutations of Internet Explorer 9, 10, and 11 across Windows 7, 8.1, and Windows 10 (as well as various editions of Windows Server). The bad news is that Microsoft won’t likely patch this problem until February—when the next major batch of security updates hits. Thankfully, there are a few workarounds you can use right now to keep yourself safe from this new remote code execution vulnerability.”
BetaNews: 0patch releases micropatch for Internet Explorer vulnerability — including for Windows 7. “At the end of last week, a serious vulnerability was discovered in Internet Explorer, affecting all versions of Windows. Not only is the bug (CVE-2020-0674) being actively exploited, but for Windows 7 users the vulnerability was exposed right after their operating system reached the end of its life. Even for users of newer versions of Windows, and despite the severity of the security flaw, Microsoft said it would not be releasing a patch until February. Stepping in to plug the gap comes 0patch with a free micropatch for all versions of Windows affected by the vulnerability.” Third party patches make me wary (this is not because of 0patch, but just in general) but if you don’t want to wait until February…
The Register: It’s Friday, the weekend has landed… and Microsoft warns of an Internet Explorer zero day exploited in the wild. “Microsoft let slip on Friday an advisory detailing an under-attack zero-day vulnerability (CVE-2020-0674) for Internet Explorer. The scripting engine flaw can be exploited to gain remote code execution on a vulnerable machine by way of a specially crafted webpage. The flaw can be mitigated by restricting access to the JavaScript component JScript.dll, and thus far there is no patch available.”
BetaNews: Microsoft releases emergency patches for Internet Explorer zero-day and Windows Defender flaw. “Microsoft has released a pair of emergency patches, one for a remote code execution zero-day in Internet Explorer, and one for a denial of service vulnerability in Windows Defender.”
Ars Technica: Ex-YouTube engineer reveals how video site worked to kill off Internet Explorer 6. “Though YouTube had been under Google’s ownership for about three years, YouTube’s engineers were suspicious and wary of being integrated into Google’s corporate machine. They had their own special set of permissions named ‘OldTuber,’ and anyone with OldTuber permissions could freely modify the YouTube site without going through Google’s usual change management process of code reviews, testing, adherence to coding standards, and so on. It was cowboy territory, where developers could do as they liked. Only the risk of breaking things—and hence losing OldTuber permissions, if not their job—kept them on the straight and narrow. The OldTubers decided that they’d show a banner to Internet Explorer 6 users.”
BetaNews: Micropatch now available for Internet Explorer security hole. “Through its 0patch platform, ACROS Security is making the micropatch available to Windows users who are concerned about the security of Internet Explorer. While there are likely to be concerns voiced about installing a security patch from a third party, there are two things to consider here.”
The ResearchBuzz Firehose is regular RB content presented as individual posts.
For digest-type posts a couple of times a day, please visit ResearchBuzz.
Want to know how to best use the Firehose for content discovery?
Check out this handy article.