Serious security flaws found in Internet Explorer
Friday, December 19th, 2008
Security experts suggests users of Microsoft’s Internet Explorer to switch to a rival browser until a serious security flaw has been fixed.
The flaw in Internet Explorer could allow hackers and criminals to take control of users’s computers and steal their passwords. Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.
Internet Explorer is used by the vast majority of the world’s computer users. “Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer,” said the firm in a security advisory alert about the flaw.
The security flaws attacks against IE 7.0 but said the “underlying vulnerability” was present in all versions of the browser. Other browsers, such as Firefox, Opera, Chrome, Safari, are not vulnerable to the flaw Microsoft has identified.
10,000 websites have been compromised since the vulnerability was discovered, report says.
PC Pro magazine’s security editor, Darien Graham-Smith, said that there was a virtual arms race going on, with hackers always on the look out for new vulnerabilities. “The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn’t enough.”
Every browser is susceptible to vulnerabilities from time to time. It’s fine to say ‘don’t use Internet Explorer’ for now, but other browsers may well find themselves in a similar situation.
MICROSOFT SECURITY ADVICE
- Change IE security settings to high (Look under Tools/Internet Options)
- Switch to a Windows user account with limited rights to change a PC’s settings
- With IE7 or 8 on Vista turn on Protected Mode
- Ensure your PC is updated
- Keep anti-virus and anti-spyware software up to date
