However, computer security experts described the Microsoft software flaws as
routine and not particularly serious, and called the official warnings in
Europe an overreaction.
The spotlight that has been thrown on weakness in its software as a result of
the China attacks comes at a critical time for Microsoft, which has been
hoping that the release of its Windows 7 operating system would reverse
Internet Explorer’s loss of market share.
Market Share
Internet Explorer is still the leading browser in Europe, with 45 per cent
market share, but Mozilla Firefox is a close second at 40 per cent. This
compares with a 56 per cent market share worldwide, according to
StatCounter, a web analytics company. In markets such as Germany and
Austria, Firefox has become the market leader, with IE in second place.
The German and French governments have both warned citizens not to use
Internet Explorer, at least until a security patch is released to fix a
vulnerability in the software. Concerns were raised after security experts
pointed to a flaw in Internet Explorer code as a key vulnerability that had
contributed to the cyberattacks on Google and 33 other companies.
There was a huge spike in the number of searches for Firefox in Germany at the
end of last week, according to the Google Trends website, which allows users
to track internet behaviour. There was also a sharp rise in searches for
Firefox in Switzerland and Austria, and more modest increases in Italy, the
Netherlands, Spain, Portugal and the UK.
Microsofts defence
Microsoft said last week that Internet Explorer had been one of several
mechanisms used in the attack. Microsoft itself was recommending that
customers switch to Internet Explorer 8, a newer version of the browser.
Microsoft said it had not seen any successful attacks on IE8.
Andrew Storms, director of security for nCircle, a web security provider,
described the warnings from France and Germany as “a disproportionate
response” that reflected general paranoia in the wake of Google’s disclosure.
“Microsoft is an American company, Firefox is developed internationally – it’s
convenient to kick them over this one,” said Dan Kaminsky, a US-based
security expert.
The disclosure of the browser flaw was routine and not materially different
from “thousands” of weaknesses found each year in browsers and software
“plug-ins” that extend their capabilities, he added.
Internet Explorer has been under intense scrutiny in Europe. Microsoft
recently settled a case with the European Commission over tying the browser
to its dominant Windows operating system. In December, Brussels agreed a
deal in which the company will offer Windows users a choice of a dozen
browsers. Microsoft will continue to be under close monitoring by Brussels
to ensure that this system works.
Microsoft is trying hard to improve its relations with European policymakers,
however. On Tuesday it announced that it would make data from internet
searches anonymous after six months, in line with recommendations by the
Commission.
The Article 29 Working Party, a group of European data protection officials
that advises Brussels on its privacy policies, had recommended nearly two
years ago that user data collected by search engine companies be deleted
after six months. Although Microsoft is responding slowly to the request, it
will look compliant compared with Google, which keeps search data for nine
months.
Dit artikel is oorspronkelijk verschenen op z24.nl