It's not often that the US or UK governments weigh in on the browser wars, but a new Internet Explorer vulnerability that affects all major versions of the browser from the past decade has forced it to raise an alarm: Stop using IE.
The zero-day exploit, the term given to a previously unknown, unpatched flaw, allows attackers to install malware on your computer without your permission. That malware could be used to steal personal data, track online behavior, or gain control of the computer. Security firm FireEye, which discovered the bug, said that the flaw is being used with a known Flash-based exploit technique to attack financial and defense organizations in the US via Internet Explorer 9, 10, and 11. Those versions of the browser run on Microsoft's Windows Vista, Windows 7, and Windows 8, although the exploit is present in Internet Explorer 6 and above.
While the Computer Emergency Readiness Team in England and the US regularly issue browser advisories, this is one of the few times that the CERT team has recommended that people avoid using a specific browser.
FireEye recommends that if you can't switch browsers, then you disable Internet Explorer's Flash plug-in. You also can use IE with Microsoft's Enhanced Mitigation Experience Toolkit security app, but that will not be as secure as simply switching browsers. Full story...
Related posts:
The zero-day exploit, the term given to a previously unknown, unpatched flaw, allows attackers to install malware on your computer without your permission. That malware could be used to steal personal data, track online behavior, or gain control of the computer. Security firm FireEye, which discovered the bug, said that the flaw is being used with a known Flash-based exploit technique to attack financial and defense organizations in the US via Internet Explorer 9, 10, and 11. Those versions of the browser run on Microsoft's Windows Vista, Windows 7, and Windows 8, although the exploit is present in Internet Explorer 6 and above.
While the Computer Emergency Readiness Team in England and the US regularly issue browser advisories, this is one of the few times that the CERT team has recommended that people avoid using a specific browser.
FireEye recommends that if you can't switch browsers, then you disable Internet Explorer's Flash plug-in. You also can use IE with Microsoft's Enhanced Mitigation Experience Toolkit security app, but that will not be as secure as simply switching browsers. Full story...
Related posts:
- Microsoft rushes to fix Internet Explorer after attacks; no fix for Windows XP users...
- NSA said to exploit Heartbleed bug for intelligence for years...
- Heartbleed: don't rush to update passwords, security experts warn...
- Germany warns users of Internet Explorer security problems...
- Microsoft just exposed email's ugliest secret...
- Romanian man kills himself and four-year-old son because of malware on computer...
No comments:
Post a Comment