Given that I’m so prone to criticising Microsoft, I have to give them credit for moving so rapidly to provide a patch for the recently discovered vulnerability in Internet Explorer.
One little niggle: The email subject line “Out-of-Band Microsoft Security Bulletin Summary for December 2008” isn’t exactly clear. It uses terminology (“Out-of-Band”) relating to MS’s update release strategy that probably makes no sense whatsoever to most people, who won’t even be aware of the monthly patch strategy. “Out-of-Band” is such a recondite term, being a technical usage that Microsoft are metaphorically relating to what is primarily a social issue of encouraging people to install an update, that it serves to obscure the importance of said update. What’s wrong with the word “Urgent”?
Still, leaving my obligatory whining aside, the number of versions and configurations patched makes it very clear that all users of Internet Explorer must install this one – and if your system isn’t supported, you really should upgrade.
What impresses me about this update is that it includes support for systems and versions so old that no web developer supports them anymore. This demonstrates that although we web devs may be able to pick and choose what we worry about through graded browser support (as do, for example, Yahoo! and the BBC), there are nonetheless software developers out there, grappling with old C or C++ code, who are doing the desperately difficult job of supporting users of older systems. The list of systems and versions they had to be sure to fix, and test, is available at Microsoft’s site: seventeen different combinations of operating system and browser version. Seventeen!
Think about fixing and testing that little lot next time you’re upset by the 3-pixel text jog 😉