German security agency tells users to drop IE

Powered by SC Magazine
 

Auf wiedersehen, Internet Explorer.

Germany's key cybersecurity agency has urged users to stop using Microsoft's widespread Internet Explorer until further notice, after zero-day vulnerability was recently discovered in the web browser.

The Federal Office for Information Security, otherwise known as BSI, recommended users "switch to an alternative browser" until Microsoft patches the flaw.

Security experts have suggested it could take a week for that to occur.

The agency does not recommend any particular browser to use instead, however.

The vulnerability is understood to affect Internet Explorer versions 7, 8 and 9 running on Windows XP, Vista or Windows 7 operating systems.

Internet Explorer 10, the default browser for Windows 8 and a preview of which is available for Windows 7, is not affected by the vulnerability.

It is feared that malicious websites could use the flaw to run arbitrary code on remote systems with the logged in user's privileges.

BSI said the attack code for the vulnerability was freely available on the internet and expected it to be widely and quickly used by miscreants.

Microsoft has yet to release a security patch for Internet Explorer, but has issued a security advisory for the vulnerability.

The company suggested workarounds to mitigate the problem, including deploying the Enhanced Mitigation Experience Toolkit, setting Internet and Local intranet security zone settings to "High" in order to block ActiveX Controls and Active Scripting, and also enabling prompting for the same scripts.

In enabling the mitigation measures, Microsoft warned that internet and intranet websites using Active X or Active Scripting, such as banks or retailers, ordering forms or account statements, may stop working.

Internet Explorer users are advised to add such websites to the Trusted Sites Zone, to continue to use them.

Copyright © iTnews.com.au . All rights reserved.


German security agency tells users to drop IE
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 716

Vote