In an unusual move, the United States Computer Emergency Readiness Team and its counterpart in the United Kingdom say that users of Microsoft’s Internet Explorer (IE) web browser should consider using an “alternate browser” until the security hole is patched.
The latest vulnerability is a “zero-day” exploit- so named as to represent a flaw or vulnerability that has no known fixes- that allows a hacker to install malware on your computer without your knowledge and/or permission. These attackers compromise remote computers for a variety of reasons but they can be used to steal personal information, track user behavior, record keystrokes and even gain control of the system for other, nefarious purposes.
Computer security firm FireEye discovered the bug and indicated that it is currently being used along with a known Flash-based exploit to target government and financial services installations. Version affected include IE 9, 10 and 11.
Although browser advisories are not necessarily a new thing for the Computer Emergency Readiness Team, this is one of the first times that I’m aware of when they were so specific and direct about NOT using a particular browser due to a security exploit.
By far the simplest way to address this issue is to STOP USING IE until it is patched, tested and re-certified as safe. There are several alternative web browsers available including, but not limited to, FireFox and Google Chrome. They work well on multiple operating systems and platforms and, in my view, provide better rendering of web pages due to better adherence to existing web standards.
In a statement, Microsoft told CNET, “On April 26, 2014, Microsoft released Security Advisory 2963983 to notify customers of a vulnerability in Internet Explorer. At this time we are aware of limited, targeted attacks. We encourage customers to follow the suggested mitigations outlined in the security advisory while an update is finalized.”
For more information, please feel free to get in touch with our sales or support department who would be happy to talk with you more about this new vulnerability and ensure that you’re taking the correct precautions to prevent unwanted and malicious access to your computer.