Germany Warns Against Using Internet Explorer


internet-explorerWith new evidence suggesting that a vulnerability in Internet Explorer (IE) led to cyber attack against Google, the German government has warned against the use of IE browser.

The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) issued a warning saying that the Web users should find an alternative browser to IE until Microsoft fixes the security flaw.

The IE’s vulnerability resulted in recent attacks against Google and other companies from a range of sectors including the Internet, finance, technology, media, and chemical. The hack led to the theft of intellectual property from the companies.

According to the anti-virus firm Sophos, users are at a high risk as the Internet Explorer attack code is now available online. The exploit code named ‘Aurora’ is publically available on several mailing lists.

A hacker can use unauthorized software to access companies’ internal systems.

“The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability,” stated McAfee’s Chief Technology Officer George Kurtz.

The warning applies to 6, 7 and 8 versions of the browser, but the “attack is especially deadly on older systems that are running XP and Internet Explorer 6,” he added.

Microsoft Rejects Warning

Microsoft has admitted that its Web browser is a weak link leading to cyber attacks, but it has downplayed the warning by German authorities.

The company explained that the risk to the users was low as its browser offers increased security.

The risk can be nullified by setting the browser’s security zone to “high”, stated Microsoft’s spokesperson Thomas Baumgaertner in Germany.

Reassuring the Web users, he stated that these “were not attacks against general users or consumers,” adding that the Google attack was carried out by “highly motivated people with a very specific agenda.”

Understanding users’ concerns, Microsoft assured that they are analyzing the exploit and that developers are working to fix the problem.

Traditionally, the company releases security patches every month. The next updates are scheduled for Feb. 9. But it is hoped that Microsoft will soon release an emergency patch to fix the current problem.

{The Money Times/Noam Newscenter}