Check Point Research (CPR) has identified a critical zero-day spoofing attack exploiting Microsoft Internet Explorer on modern Windows 10/11 systems, despite the browser’s retirement.
What’s nasty is that ~32x32 preview image. That’s the real travesty here.
Hmm windows 11 doesn’t anymore contain IE? It is one of the challenges for some legacy “IE only” enterprise Web apps, and causing migration issues.
No one definaly should not be using those apps anymore, but world is full of crazy legacy code that orgs don’t have will to fix them.
Will or funding. Replacement of a system that initially cost 5mil to install and configure in 2009 is gonna cost 2x that at least to replace.
I’ve seen corporate networking equipment (Cisco) released in the early 2010s whose admin console uses ActiveX controls and only runs on IE. I think by then it was pretty clear that this was not the technology of the future. But even a big company like Cisco was still doing this.
This is why the tech world infuriates me. Back in the 2000s I already knew that ActiveX was a proprietary piece of shit, yet companies still spent millions using it because, fuck it, the slaves will spend all their deadlines switching to a new technology, instead of using their brains and writing cross-platform applications in neutral languages. Sorry for the rant but I’ve seen this way too many times. They burn money because they can and they don’t care.