According to ExtremeTech, Spider.io, a UK-based advertising analytics company, alleged that two unnamed companies are improperly using the Internet Explorer security flaw to track whether display advertisements, sometimes buried far down in web pages, are actually viewed by users. Supposedly other ad analytics companies are aware of the flaw but have deliberately decided to not take advantage of Microsoft’s error.
Dean Hachamovitch, Microsoft corporate vice president for its Internet Explorer division, disagrees with Spider.io’s assessment:
“The underlying issue has more to do with competition between analytics companies than consumer safety or privacy. … We are actively working to adjust this behavior in IE and will provide more information when it is available.”
Spider.io alleges that clicks on a virtual keyboard could be tracked and thus viruses or malware could take advantage of the Internet Explorer flaw to monitor this minority of users. Microsoft rejects this allegation, claiming that this exploit still does not give an attacker any information about the type of content the mouse cursor is hovering over.
Hachamovitch did not seem too worried about possible exploits according to TechRadar:
“The theoretical use of this behavior to compromise the safety or privacy of consumers is something Microsoft’s security team has discussed with researchers across the industry. Getting all the pieces to line up in order to take advantage of this behavior… is hard to imagine.”
Microsoft plans on contacting companies that are using the Internet Explorer flaw as part of their ad-tracking metrics. Hopefully they will release a patch soon. The worst part about this news is that this flaw affects pretty much all currently used versions of Internet Explorer, all the way from version 6 to the recently released version 10 featured in Windows 8.
Now that you know that Internet Explorer has this mouse tracking security flaw will you still stick with Microsoft’s web browser or switch to an alternative like Google Chrome or Mozilla Firefox?