Microsoft recruiting software pirates to fight Firefox?
Microsoft is going to let everyone -- even people with an illegal pirate copy of Windows XP -- download IE7 because the software giant really cares about the safety and security of all Internet users. (But don't mention Firefox ...)
In January 2005, Microsoft announced that unless users were in possession of a genuine copy of Windows XP they would be blocked from installing software updates or security patches.
At the time, security experts warned Microsoft that the move would result in more unpatched Windows systems and therefore an increased threat from compromised PCs.
In late 2006, the company released Internet Explorer 7 -- a significant improvement on IE6 because of its improved security, better adherence to Web standards and tabbed browsing.
According to a Microsoft spokesperson on Wednesday, Microsoft "feels that the security enhancements to Internet Explorer 7 are significant enough that it should be available as broadly as possible."
"One of the ways that users are infected with malicious software is through browser-based activity on the Web," the spokesperson explained. "Current market information indicates that a sizeable percentage of non-genuine versions of Windows are also some of the highest targeted with malware."
"This malware, once installed on the non-genuine systems, is also then quite often used to undertake broader security threats that impact not only non-genuine users but all users. An example of this malware activity would be botnets," the spokesperson said.
Allowing everyone to use a better, safer browser is obviously a welcome move. However, if Microsoft really wanted to make the Internet a safer place, it would also change the policy that stipulates only WGA-authenticated systems can download security patches.
Currently, only patches labelled "Critical" by the software giant -- which means they fix a flaw that could result in a self-replicating worm -- are available to non-WGA qualified users.
Fixes categorised as "Important" are left open. This means that, for example, non-genuine Windows XP users are still vulnerable to a flaw detailed in Microsoft Security Bulletin MS07-022 that was released on 10 April, 2007.
According to Microsoft, the fix for this flaw is important because without it, an attacker could "take complete control of an affected system ... then install programs; view, change, or delete data; or create new accounts with full user rights".
So it seems Microsoft is saying that the Internet will be a safer place if non-WGA XP users have its latest browser. The fact that these same people have an operating system full of known vulnerabilities doesn't seem to cause the company any concern.
By giving IE7 to non-WGA Windows users, do you think Microsoft is trying to make the Internet safer -- or is this just another way to fight Firefox?