Posted on Mon, Jan 12, 2009 @ 06:00 PM
It is with interest that I read the recommendations for dealing with the latest, albeit critical, vulnerability in Internet Explorer--change to a different browser like Firefox, Safari, Chrome, anything other than IE. While I don't dispute the criticality of the vulnerability, what I do question is the expectation that large organizations, including federal agencies, are going to replace thousands (tens of thousands possibly) of installations of IE based on the severity of one vulnerability.
There are other recommendations that may be more feasible to implement in a quicker time frame. If everyone were to magically change browsers to say Firefox, what would happen if a critical vulnerability were discovered in that application? Do we keep changing applications everytime a critical vulnerability is found?