OK, so picking on Microsoft’s so-called security isn’t exactly a challenge. But I’m long overdue for some good old-fashioned MS bashing…
Let’s say you’re interested in finding an Internet Explorer bug that will let you spoof a website, fooling people into thinking they’re on one site when they’re really on another. Well, here ya go.
Or maybe you’re interested interested in a bug that can fool you into running a malicious executable on your machine under the guise of clicking an innocent looking link. A bug that has been called “devastating” and “(appears) to be unfixable”. Got that, too.
But hey, at least Microsoft’s looking out for you (emphasis mine):
The most effective step that you can take to help protect yourself from malicious hyperlinks is not to click them. Rather, type the URL of your intended destination in the address bar yourself.
That’s right—Microsoft’s solution is to not click on links. So how are you supposed to protect yourself from the umpteen Outlook viruses and worms? By just throwing your e-mails at each other in lieu of clicking/opening them in Outlook? Sheesh.