Technology News

latest updates from easySERVICE™

Switch to Chrome or Firefox until Microsoft fixes the security flaw affecting all versions of Internet Explorer

Internet-Explorer-10

Government security response teams are urging Windows users to consider Chrome or Firefox as their default browser until Microsoft delivers a security fix for a new flaw affecting all versions of Internet Explorer.

Computer emergency response teams (CERTs) in the US, the UK, and Sweden have advised Windows users to consider avoiding Internet Explorer until Microsoft fixes the vulnerability.

Microsoft over the weekend confirmed the flaw was being exploited in “limited, targeted attacks”, which use a rigged Flash file hosted on attack websites to net victims. Attackers that successfully exploit the flaw affecting IE 6 to IE 11 could gain the same user rights as the original user, according to Microsoft.

The company has yet to announce whether it will release an out of band patch or wait until the next Patch Tuesday, scheduled for 13 May, to deliver a fix. It will also be the first patch update from Microsoft that excludes Windows XP, which still runs on around 29 percent of the world’s PCs.

Microsoft has outlined a number of ways to mitigate the attacks, including by deploying its EMET (Enhanced Mitigation Experience Toolkit) version 4.1 or activating Enhanced Protected Mode available in IE 10 or IE 11 — a feature that isn’t available in earlier versions of the browser. Security vendor FireEye, which first reported the flaw, also noted that the attacks currently rely on Flash to work, so it’s advised users to disable the Flash plugin in IE.

However, given Microsoft’s end of support for XP, US CERT is encouraging those that cannot follow Microsoft’s recommendations to “consider employing an alternate browser”.

Sweden’s and the UK’s CERTs have also provided similar advice.

“Users should also consider using alternative browsers, such as Google Chrome and Mozilla Firefox; and ensure that their antivirus software is current and regularly updated,” CERT-UK said in its advisory.

One option XP users have to mitigate the threat is by unregistering the VGX.DLL file, according to security firm Sophos.

Source: Associated Press

 

Advertisements

One comment on “Switch to Chrome or Firefox until Microsoft fixes the security flaw affecting all versions of Internet Explorer

  1. StellarPhoenixS
    December 22, 2014

    Reblogged this on Stellar Phoenix Solutions.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: