France, Germany Cautions Users of Microsoft’s Internet Explorer
Govt. officials from France and Germany cautioned people against using Internet Explorer web browser of Microsoft Corp. The warning was issued by the government after the discovery of malicious code in latest attacks by hackers on Google in China, stealing Google's intellectual property.
Both French and German authorities have recommended users of Internet Explorer to use another browser until the security flaw is addressed properly.
Although the reports reveal that Microsoft verified the technical details in the German and French advisories, the company has refused to concur with the suggestions of switching to other browsers.
Microsoft stated in a statement that it is noteworthy that every software has flaws and the consequent switching of browsers against these highly exposed but presently limited attacks can unintentionally lead to some bogus sense of safety.
A spokeswoman for Microsoft repeated a former proposal by Microsoft that Web users may reduce such security risk by upgrading to the recent version of its browser (Internet Explorer 8), which she claimed includes security provisions that makes it tougher to abuse the said vulnerability as compared to other versions. Microsoft added that the malicious code developed to exploit the vulnerability has been successful only against the browser's older version, i.e. Internet Explorer 6.
Microsoft suggests users to set the Internet Explorer's security zone to "high", though this can lead to blockage of some sites and restrictive functionality.
Security researcher with security firm Sophos, Graham Cluley, opined that as the details of the attack are available online now, the attackers would not waste time to change the code to hit other versions of the browser, as per the news published by nzherald.co.nz on January 19, 2010.
Cluley also added that since every browser has one or the other security issues, therefore changing browser can just expose users to a different sort of risk. According to the reports, Microsoft has released an emergency patch for the security flaw in order to lessen the damage to some extent.
Related article: France too Falls Prey to Chinese Hackers
» SPAMfighter News - 28-01-2010