Chinese Hackers Attacked Google Through Internet Explorer?

If you follow the news even vaguely, then you've heard about Google's announcement that it may exit the Chinese market in response to hacker attacks originating in China that sought to access the private information of human rights advocates. I've argued that whether Google stays or not, such attacks aren't likely to stop. So I don't really see what Google expects to gain from leaving now, as opposed to months or years ago. But today a new wrinkle emerges: the attacks occurred as a result of an unknown flaw in Microsoft Internet Explorer.

Here's the news blurb, via PCWorld:

Microsoft Security Response Center director Mike Reavey said in an e-mailed statement "This afternoon, Microsoft issued Security Advisory 979352 to help customers mitigate a Remote Code Execution (RCE) vulnerability in Internet Explorer. The company has determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks targeted against Google and other corporate networks."

Am I the only one that finds this an interesting plot twist? Microsoft provided the window through which the Chinese hackers crawled through. A few thoughts about this:

First, what is Google doing using Internet Explorer? Shouldn't it be running its own Google Chrome browser instead? Or at least Mozilla Firefox?

Maybe the excuse here is that it's impossible for a software company like Google to entirely avoid using Internet Explorer. After all, if it wants to produce browser-agnostic software, then it needs to test its systems in all varieties. So it probably can't avoid IE altogether, but I wonder if it's planning to use it even less now, particularly for its external Internet usage unreleated to product testing.

Second, this story is another blow for Internet Explorer. The Google-China spat is big news right now, and this thrusts Microsoft in the center of it. As I mentioned a few months ago, IE is already beginning to give up small chunks of its market share each month to other browsers like Firefox and Chrome. Could this push firms affected by the Chinese attack to also begin exploring other browser alternatives? Will the rest of the Internet-using public take notice?

If Google really wants to live its "don't be evil" mantra, then it might consider starting an antivirus unit of its own, and/or developing its Chrome browser to be virus proof. In my opinion, other than physical violence, there are few things more evil than computer viruses. They plague unsuspecting Internet users and lead to stolen identities, invasions of privacy, stolen property and incredible inconvenience.

I consider computer viruses technological weapons of mass destruction, and the hackers who create them terrorists. As these foreign-based attacks continue to become more common, the U.S. might want to consider putting more of its defense budget towards preventing them. I don't begin to doubt that millions of dollars are lost each year because of virus attacks. Eventually that tally will reach the billions, if it hasn't already.