German security agency tells users to drop IE

Powered by SC Magazine
 

Auf wiedersehen, Internet Explorer.

Germany's key cybersecurity agency has urged users to stop using Microsoft's widespread Internet Explorer until further notice, after zero-day vulnerability was recently discovered in the web browser.

The Federal Office for Information Security, otherwise known as BSI, recommended users "switch to an alternative browser" until Microsoft patches the flaw.

Security experts have suggested it could take a week for that to occur.

The agency does not recommend any particular browser to use instead, however.

The vulnerability is understood to affect Internet Explorer versions 7, 8 and 9 running on Windows XP, Vista or Windows 7 operating systems.

Internet Explorer 10, the default browser for Windows 8 and a preview of which is available for Windows 7, is not affected by the vulnerability.

It is feared that malicious websites could use the flaw to run arbitrary code on remote systems with the logged in user's privileges.

BSI said the attack code for the vulnerability was freely available on the internet and expected it to be widely and quickly used by miscreants.

Microsoft has yet to release a security patch for Internet Explorer, but has issued a security advisory for the vulnerability.

The company suggested workarounds to mitigate the problem, including deploying the Enhanced Mitigation Experience Toolkit, setting Internet and Local intranet security zone settings to "High" in order to block ActiveX Controls and Active Scripting, and also enabling prompting for the same scripts.

In enabling the mitigation measures, Microsoft warned that internet and intranet websites using Active X or Active Scripting, such as banks or retailers, ordering forms or account statements, may stop working.

Internet Explorer users are advised to add such websites to the Trusted Sites Zone, to continue to use them.

Copyright © iTnews.com.au . All rights reserved.


German security agency tells users to drop IE
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 871

Vote