lol, this is pretty funny too: http://www.microsoft.com/windows/internet-explorer/get-the-facts/browser-comparison.aspx

Oh silly Microsoft.

You guys gotta see this:

http://www.webmonkey.com/blog/Taking_Microsoft_to_Task_Over_IE8__Myths_

Personally I would like to watch Microsoft burn..

firefox keep losing password and singing me out..

google chrome is like a smail these days (i don't even bother using it

lol, this is pretty funny too: http://www.microsoft.com/windows/internet-explorer/get-the-facts/browser-comparison.aspx

Myth #2: Internet Explorer is less secure than Firefox.

The Real Deal: Research proves that Internet Explorer 8 catches almost twice as much malware than the competition. That's "less secure?"

Internet Explorer was the first browser to integrate features that protect you against phishing and malware, and the first to embed domain highlighting, Cross-Site scripting protection, InPrivate filtering—the list goes on and on. It involves a lot of technical jargon, but the point is, Internet Explorer 8 is the only browser to offer this level of security right out of the box.

Myth #3: Firefox is a richer, more adaptable browser than Internet Explorer.
The Real Deal: Internet Explorer 8 has much more functionality than other browsers, built in from the minute you open it.

Did you know that there are more than 1,700 Internet Explorer 8 add-ons available at the Add-ons Gallery, with more being added every day? Partners all over the world are building Accelerators, Web slices, and Visual Search plug-ins for your browser, including Facebook, Amazon, eBay, and much more.

Myth #4: Internet Explorer doesn't play well with Web standards.

The Real Deal: Internet Explorer 8 passes more of the World Wide Web Consortium's test cases than any other browser.

Microsoft made a big commitment to standards with Internet Explorer 8. In addition to passing more of the official CSS 2.1 test suites than any other browser, Microsoft got really hands-on in the overall testing process by developing and contributing thousands of new tests for the consortium.

http://www.itpro.co.uk/612451/security-flaw-hits-internet-explorer

Security flaw hits Internet Explorer
Microsoft has warned that a dangerous unpatched zero-day bug is leaving Internet Explorer users open to attack.

By Asavin Wattanajantra, 7 Jul 2009 at 11:36

Hackers are exploiting an unpatched vulnerability in Microsoft Video Active X Control to target Internet Explorer users.
..........................more at address above.........................

Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution
Published: July 06, 2009

Version: 1.0

Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.

We are aware of attacks attempting to exploit the vulnerability.

Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.

Customers may prevent the Microsoft Video ActiveX Control from running in Internet Explorer, either manually using the instructions in the Workaround section or automatically using the solution found in Microsoft Knowledge Base Article 972890. By preventing the Microsoft Video ActiveX Control from running in Internet Explorer, there is no impact to application compatibility.

We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.

Microsoft is currently working to develop a security update for Windows to address this vulnerability and will release the update when it has reached an appropriate level of quality for broad distribution.

Mitigating Factors:

• Customers who are using Windows Vista or Windows Server 2008 are not affected because the ability to pass data to this control within Internet Explorer has been restricted.

• By default, Internet Explorer on Windows Server 2003 and 2008 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running specially crafted Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.

• By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario.

• In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site.

• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Microsoft Warns Of 'Browse-And-Get-Owned' Attack

Attacks have been reported that attempt to exploit an unpatched vulnerability in Microsoft's Video ActiveX Control.

By Thomas Claburn
InformationWeek
July 7, 2009 01:55 PM

Microsoft on Monday issued a security advisory about a zero-day vulnerability in the Microsoft Video ActiveX Control. The flaw could allow a remote unauthenticated attacker to execute malicious code on computers running Windows XP and Windows 2003 Server.

"A browse-and-get-owned attack vector exists," acknowledged Microsoft security engineer Chengyun Chu on the company's Security Research & Defense blog. "A user needs to be lured to navigate to a malicious Web site or a compromised legitimate Web site to be affected. No further user interaction is needed."

And legitimate Web sites may be compromised merely by hosting content submitted by users. Such content or advertisements could be crafted to exploit the Video ActiveX Control vulnerability.

Chu notes that Outlook Express and Outlook will open HTML e-mail messages in the Restricted sites zone by default. This prevents ActiveX controls from being used when reading those messages. However, clicking on a link in such a message could still initiate a browser-based attack.

The specific vulnerable file is Microsoft's MPEG2TuneRequest ActiveX Control Object. The company recommends setting the kill-bit on this ActiveX object as a workaround until a patch is released.

Microsoft provides a link on its Security Research & Defense blog that will disable the vulnerable ActiveX control.

In February, Microsoft issued a security advisory about a zero-day Excel 2007 vulnerability. It issued a fix for the flaw during its April patch cycle.

In June, Microsoft issued set of software patches that addressed 31 vulnerabilities in 10 separate security bulletins, the largest number of vulnerabilities fixed in a single day since the company began issuing regular patches on the second Tuesday of every month in October 2003.

Microsoft plans to release its July patches next Tuesday. It's unlikely the company will have had enough time to prepare a patch for the Video ActiveX control vulnerability.