According to this article, the recently uncovered SSL vulnerability in Internet Explorer is actually a bug in every Windows Operating system.
Microsoft officials said it makes sense for the operating system to provide cryptographic services to any application that needs it, instead of each application having to include its own cryptographic technology.
But Culp said that the SSL flaw doesn’t affect any other application outside Internet Explorer and that it’s a client-side issue only.
Sooooo, if the only program that uses the crypto functions is IE, why are the functions not part of the browser again? Please explain this to my poor confused brain…
current_music:
current_mood: amused