“The selection event handler script then writes a character to the web page. This, for reasons best known to Microsoft, causes the browser to delete the original command object and free its memory.”
That’s the fatal flaw in multiple versions of Internet Exploder. What were they thinking? That the browser deletes an object in use shows the action was deliberate. Did M$’s programmers fail Comp. Sci. 101? Did all the $billions invested in code-checking go to waste? Yes. What about the dual teams of programmers? Were they both in the pub when that lecture was given? The next time someone tells me how wonderful M$’s software is and how impossible it would be to do better, this article should come to mind,
This is characteristic of spaghetti-code. The stuff is running every which-way and off the plate… That the application does something for no reason/illogically/for no benefit, and that action causes the application to melt shows that the code was hidden under the spaghetti somehow. Either that or one of M$’s programmers was in a bad mood. With all the redundancy that M$ can afford, there isn’t much explanation that stands except that the stupidity was hidden under the bloat or the authour or his code-checker of the other guy would have done it differently or spotted the error. Instead we have hundreds of millions of PCs at risk. Without seeing the code we should expect other such vulnerabilities to emerge in the future. The fix is not to remove the bloat after all but to fix the bug but not its brothers.