Last week Microsoft issued a security advisory warning of an ActiveX vulnerability relating to a video control. There's no patch in sight. Today we get another advisory relating to another ActiveX control, this time used to display Excel spreadsheets. Since tomorrow is Patch Tuesday, we're not going to see a patch for this vulnerability either. Both vulnerabilities are being actively targeted by hackers. Is Internet Explorer too toxic to trust?
Microsoft has issued a workaround for both vulnerabilities (here and here) but the number of people who will actively protect themselves from this threat is small, so for the time being there are literally millions of PCs out there wide open to being attacked on two fronts.
I used to be a big fan of IE, but years of having to apply patch after patch, and carry out workaround after workaround has made me glad that Windows 7 offers users a quick and easy way to make IE go away. Make IE go away and you make ActiveX go away, and users rid themselves of a huge security millstone. While IE presents less of a threat on Vista and 7, but since much of the world still relies on XP, it's one application that makes the Internet a much more dangerous place for all of us.
Anyone else see IE as the toxic choice?