Microsoft patents 'HTML applications'

[Mictlantecuhtli]

This is a bit old story, but I didn't see threads about this.

Microsoft patents 'HTML applications'
Microsoft was awarded on Tuesday a patent by the US Patents and Trademarks Office on writing Windows applications in HTML, so making it possible to bypass the built-in security that browsers offer.

According the application, the patent (no. 6,662,341) covers writing a standard HTML file that runs in its own window outside of the browser. This means, according to the filing, that the author of an HTML application file won't face the security constraints imposed by a browser. This relaxed security allows an HTML author to do things such as: read from a user's local computer; write to a user's local computer and perform scripting of frames between domains.

...

Microsoft's patent appears to be platform agnostic, making it likely to apply to all operating systems including Linux and Unix. The operating system would recognise files to be run as applications by the HTML application file extension, .hta.

Well there's good news - no need to care about browser's security holes as it will be bypassed completely.

 

[MrGaribaldi]

LoL, I can just see it now...

MS attorney:
I'm sorry, but that isn't a bug in IE as you suggest, but rather a feature in windows letting you run html files as executables, with full access to your credit cards, Social Security number and bank accounts (as required to install and run Longhorn). So I'm afraid there is no basis for this lawsuit. Have a nice day!

 

[Nodsu]

Patenting security holes is the new money source for Microsoft. Imagine if they got a patent on "technology to load arbitrary code to remote computers and execute it" (buffer overrun) - they'd be rolling in cash.