German security agency tells users to drop IE

Powered by SC Magazine
 

Auf wiedersehen, Internet Explorer.

Germany's key cybersecurity agency has urged users to stop using Microsoft's widespread Internet Explorer until further notice, after zero-day vulnerability was recently discovered in the web browser.

The Federal Office for Information Security, otherwise known as BSI, recommended users "switch to an alternative browser" until Microsoft patches the flaw.

Security experts have suggested it could take a week for that to occur.

The agency does not recommend any particular browser to use instead, however.

The vulnerability is understood to affect Internet Explorer versions 7, 8 and 9 running on Windows XP, Vista or Windows 7 operating systems.

Internet Explorer 10, the default browser for Windows 8 and a preview of which is available for Windows 7, is not affected by the vulnerability.

It is feared that malicious websites could use the flaw to run arbitrary code on remote systems with the logged in user's privileges.

BSI said the attack code for the vulnerability was freely available on the internet and expected it to be widely and quickly used by miscreants.

Microsoft has yet to release a security patch for Internet Explorer, but has issued a security advisory for the vulnerability.

The company suggested workarounds to mitigate the problem, including deploying the Enhanced Mitigation Experience Toolkit, setting Internet and Local intranet security zone settings to "High" in order to block ActiveX Controls and Active Scripting, and also enabling prompting for the same scripts.

In enabling the mitigation measures, Microsoft warned that internet and intranet websites using Active X or Active Scripting, such as banks or retailers, ordering forms or account statements, may stop working.

Internet Explorer users are advised to add such websites to the Trusted Sites Zone, to continue to use them.

Copyright © iTnews.com.au . All rights reserved.


German security agency tells users to drop IE
 
 
 
Top Stories
Australia passes data retention into law
Mammoth last-ditch effort by Greens, indies knocked back.
 
Turnbull introduces bill to block piracy websites
Takes ownership of legislation from Brandis.
 
ATO to kill off e-Tax
Veteran software to be replaced by more modern myTax.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  8%
 
No
  92%
TOTAL VOTES: 1319

Vote