CERT Cyber Security Tips re IE

In case anyone hasn't heard, CERT, the United States Computer Emergency Readiness Team, issued a warning about Microsoft's Internet Explorer browser in a June 3, 2004 posting to the CERT website:

Use a different web browser

There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, the DHTML object model, MIME type determination, the graphical user interface (GUI), and ActiveX. It is possible to reduce exposure to these vulnerabilities by using a different web browser, especially when browsing untrusted sites. Such a decision may, however, reduce the functionality of sites that require IE-specific features such as DHTML, VBScript, and ActiveX. Note that using a different web browser will not remove IE from a Windows system, and other programs may invoke IE, the WebBrowser ActiveX control, or the HTML rendering engine (MSHTML).

Dig it. Aside from being a computer/Internet security issue, this does not bode well for those web designers and developers who have taken a design-for-IE-only stance. Consider that IE's marketshare, once 94% and above, recently dropped to 85% and has been shrinking for some time:

• Upsdell Browser News
• w3schools.org

These show some 15% of users surfing with non-Microsoft browsers such as Opera, Mozilla and Firefox — a number that may be skewed too low due to the fact that Opera allows itself to be identified as Mozilla or IE. It may also be skewed outside of the U.S., where for various reasons, surfers may be using non-IE browsers.

That's a word to the wise for professional web designers. Failing to utilize web page coding that displays correctly according to web standards is not the wisest, most long-term, choice to make.