“A series of highly publicized security vulnerabilities found in Microsoft’s Internet Explorer Web browser may be having an effect on the browser’s market share, according to data compiled by WebSideStory, a San Diego Web metrics company. Over the last month, Internet Explorer’s share of the browser market dropped by 1 percent, the first noticeable decline since WebSideStory began tracking the browser market in late 1999,” Robert McMillan reports for IDG News Service.
“‘It’s the first time that we’ve seen a sustained trend downward for them,’ said Geoff Johnston, an analyst with WebSideStory. ‘We have a very steady trend. It’s been about a month, and every day we have a steady incremental change,'” McMillan reports.
“Internet Explorer has held more than 95 percent of the browser market since June 2002, and until June had remained steady with about 95.7 percent of the browser market, according to WebSideStory’s measurements. Over the last month, however, its market share has slowly dropped from 95.73 percent on June 4 to 94.73 percent on July 6,” McMillan reports. “A loss of 1 percent of the market may not mean much to Microsoft, but it translates into a large growth, proportionately, in the number of users running Mozilla and Netscape-based browsers. Mozilla and Netscape’s combined market share has increased by 26 percent, rising from 3.21 percent of the market in June to 4.05 percent in July, Johnston said.”
Full article here.
Related MacDailyNews articles:
Apple Safari browser shows increase in global usage share – May 29, 2004
Security firm warns of new Internet Explorer flaw, advises ‘use a different browser’ – July 01, 2004
Securty expert: Microsoft Internet Explorer ‘just cannot be trusted, use alternate browser’– July 02, 2004
IT managers loath to switch from flawed Microsoft Internet Explorer – July 07, 2004
It is just summer time.. so all are taking a break.
“the first noticeable decline since WebSideStory began tracking the browser market in late 1999”
Or quite a few summers, IT guy. MSIE is getting ditched.
dropped from 5 of our computers…
If that means the end of proprietary web sites that use insecure MS technologies and excludes all other operating systems and web browsers, then everyone will beneift – except Microsoft. Too bad for them. That’s their attitude towards everyone else. Too bad for them. So why should we care if they implode? The world can only benefit from the loss of this particular monopoly. We might miss Office for a while, but the one on OS X is so good now, I could be happy with it for years, until open source becomes the standard.
Ah, we can dream…
I’ve convinced a few of my Windoze friends to switch to Firefox as a result of the latest issues. I of course use both Safari and Firefox on my Mac and trashed IE from my HD a long ago.
Did my part says…
dropped from 5 of our computers…
Did you really what if I open a MyComputer window and then type in a HTTP or HTTPS or FTP protocol address then what will happen ???
IE is built into the OS it is the engine that renders and powers the file browser…
That is just one of the many reasons why Windows is such a mess.
On a side-note what about the problems with Safari again…
“Frame Injection Vulnerability”
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
Give it a try… Am I actually at my banks site or not?
�
This is a good thing.
As the snowball rolls down the hill it gets bigger & bigger.
I hope that windoze users finally are waking up. So many that I have talked to seem to feel that viruses are a way of life and can’t seem to believe me when I tell them there are zero viruses for OS X.
p.356
must be me or Safari must not suffer from the issue. I tried with apple.com, instead of the Microsoft site (secunia says “a trusted site” and I do not trust Micros**t. No frame has been injected into the apple.com site.
Must be a problem with your bank or specific site. For example, it does not inject anything into wellsfargo.com.
Seems secunia is back to business again or does it work only with M$ ? No other site with frames has rendered anything from Secunia.
Jack A
here is going much better: it is not IE that is being dropped, it is Windows itself. Wintel PCs are being substituted quickly with Powerbooks.
Only problem toward scaling this to large crowds is that they are all Ph.D.s. They must grasp reality and react quicker than the average Joe Sixpack.
I am now surrounded with Macs of all sizes and forms.
And people is very pleased. All I hear is “Should have done that [switching, ndr] time ago”.
Last presentation I gave (reporting on WWDC) was full of dual-booters (Linux-Windows) and at least 10% of the audience came afterwards asking about which configuration to order or other questions of the kind “Can I do that once on the Mac?”.
The chairperson was also impressed by the fact that I put out my new 17″ for the presentation and unwrapped the connectors to plug the projector. “Oh, you mean you never used a projector yet with it?” in evident skepticism.
“Nope, why? Fear not, this is OS X: works first time always”
Of course it did and then he went telling me his own horror story to have his laptop PC using projectors around: he always allows himself not less than 30 mins to try and set his system up. Now he wants my old 15″ to give it a spin for a week before taking a decision. What shall I do?
” width=”19″ height=”19″ alt=”wink” style=”border:0;” />
Here’s how Secunia tries to baffle you.
If you open the source code of Microsoft website that they have listed, you can find the names of the frames that they have used. For example, the right hand side frame is referred to as: “fraRightFrame”.
So, what does Secunia do? They ask you to keep that open, and provide another link whose target is in “fraRightFrame”. Piece of code attached below.
/// Piece of source code Secunia’s page
Click Here:<br>
Inject Secunia.com into Microsoft.com<br>
<br><br>
3)<br>
Now, you can think of the frame naming as “global variables” in any programming language. From any function inside that program, you can change the value of that global variable.
The naming convention of frames in HTML is also along similar lines. Throughout the application (of any browser) the frame naming is common. Some of them choose not to do it (I suppose). So, how is this necessarily a vulnerability?
Here’s how someone can use this as a vulnerability. For example,
1. you visit a bank webpage (that uses frames). The information about your information etc. is in one frame of a browser window.
2. You visit a malicious site [say, one that is sponsored by secunia
” width=”19″ height=”19″ alt=”smile” style=”border:0;” /> ] that knows this bank site and the frame naming that they use and the exact format in which the information appears.
3. They will change that page into a similar page and when you press say submit, it will take all the information and send it to their website.
Ofcourse, there are a lot of assumptions behind this. But, you can figure out the impact that it might have. In my opinion, it is not that significant.
Here’s a hand-made example. If you click any of the links, you will have a new browser open. With that browser, left as is, try clicking on the second and third link.
Apple website.
<br><br>
Microsoft website.
<br><br>
CNN website.
<br><br>
According to http://w3.org (the world-wide web consortium), here’s how the naming is supposed to be resolved. If a browser does not behave the way that Secunia says that it should, then their code does not follow the W3 standard.
http://www.w3.org/TR/REC-html40/appendix/notes.html#notes-frames
———————–
B.8 Notes on frames
Since there is no guarantee that a frame target name is unique, it is appropriate to describe the current practice in finding a frame given a target name:
If the target name is a reserved word as described in the normative text, apply it as described.
Otherwise, perform a depth-first search of the frame hierarchy in the window that contained the link. Use the first frame whose name is an exact match.
If no such frame was found in (2), apply step 2 to each window, in a front-to-back ordering. Stop as soon as you encounter a frame with exactly the same name.
If no such frame was found in (3), create a new window and assign it the target name.
———————–
The cracks in the wall are getting bigger and bigger, we just need to keep pushing, and the wall will come down with a mighty crash.
Some more findings…
The microsoft webpage is opened in a target named “_blank” (default). If it is opened in anything else.. the second site does not load in the MS frame. (This is in Safari).
Safari shows up as a Mozilla browser in these stats. So do you think Safari is gaining any share? Just a thought.
re: Safari marketshare…
the recent Apple alliance with the likes of Mozilla ensures that marketshare won’t really matter.. as long as all these guys are obeying standards.. MS will be the one left out–left out with a 90%+ marketshare hehe…
The truth is most PC users don’t even change their desktop/wallpaper… they wouldn’t dare change their browser.
I defy someone to demonstrate to me that PC users are more comfortable than Mac users with actually tinkering with things like ‘default browser’ etc.
mike: I don’t know in what way MS will be the one left out.
As long as many websites are coded in such a way that they only work correctly with MSIE/Windows, it will remain the “standard” as long as it functions at all.
The fact that MSIE works that way makes it a “standard” whether we like it or not.
The same as the economic law says that the bad money drives out the good.
A long time ago, there should have been a law that all websites have to be coded to operate with all browsers. Might have been possible in the US, but definitely not possible internationally.
Hopefully, MSIE will collapse totally…….
Woohooo!! This is GREAT news!
People are discovering the beauty of tabbed browsing!!!!
Death to IE!
If you look at the code for MSIE-only compatible sites, it’s got some screwed-up HTML code. There really is no reason that programmers can’t program for all browsers and systems. Dreamweaver MX can do it. So have them all use Dreamweaver and not whatever else they were using.