U.S., UK advise avoiding Internet Explorer until bug fixed

BOSTON Mon Apr 28, 2014 2:45pm EDT

The Microsoft logo is seen at their offices in Bucharest March 20, 2013. REUTERS/Bogdan Cristel

The Microsoft logo is seen at their offices in Bucharest March 20, 2013.

Credit: Reuters/Bogdan Cristel

BOSTON (Reuters) - The U.S. and UK governments on Monday advised computer users to consider using alternatives to Microsoft Corp's Internet Explorer browser until the company fixes a security flaw that hackers used to launch attacks.

The Internet Explorer bug, disclosed over the weekend, is the first high-profile computer threat to emerge since Microsoft stopped providing security updates for Windows XP earlier this month. That means PCs running the 13-year-old operating system will remain unprotected, even after Microsoft releases updates to defend against it.

The Department of Homeland Security's U.S. Computer Emergency Readiness Team said in an advisory released on Monday that the vulnerability in versions 6 to 11 of Internet Explorer could lead to "the complete compromise" of an affected system.

The recently established UK National Computer Emergency Response Team issued similar advice to British computer users, saying that in addition to considering alternative browsers, they should make sure their antivirus software is current and regularly updated.

Versions 6 to 11 of Internet Explorer dominate desktop browsing, accounting for 55 percent of global market share, according to research firm NetMarketShare.

Boldizsár Bencsáth, assistant professor with Hungary's Laboratory of Cryptography and Systems Security, said the best solution was to use another browser such as Google Inc's Chrome or Mozilla's Firefox.

DELAYED UPGRADES

Security experts have long been warning Windows XP users to upgrade to Windows 7 or 8 before Microsoft stopped supporting it at the beginning of this month.

The threat that emerged over the weekend could be the wakeup call that prompts the estimated 15 to 25 percent of PC users who still use XP to dump those systems.

"Everybody should be moving off of it now. They should have done it months ago," said Jeff Williams, director of security strategy with Dell SecureWorks.

Roger Kay, president of Endpoint Technologies, expects several hundred million people running Windows XP to dump those machines for other devices by the end of the year.

They will be looking at Windows machines as well as Apple Inc's Macs and iPads along with Google's Chrome laptops and Android tablets, he said.

"Not everybody will necessarily go to Windows, but Microsoft has a good chance at getting their business," he said. "It's got to be a good stimulus for the year."

News of the vulnerability surfaced over the weekend. Cybersecurity software maker FireEye Inc warned that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed "Operation Clandestine Fox."

(Reporting by Jim Finkle. Additional reporting by Paul Sandle in London.; Editing by Richard Valdmanis, Tom Brown and Cynthia Osterman)

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (25)
Lmao – the ONLY time I ever use MSIE is when I HAVE to, because the U.S. Courts (PACER/ CM-ECF) system requires it for proper function – ya know, the US government? Irony much?

Apr 28, 2014 10:58am EDT  --  Report as abuse
majkmushrm wrote:
Ah, yes. Another day, another hole in Windows. Don’t kid yourselves this isn’t just IE. Thanks to the way that Microsoft integrated IE into the Windows operating application as part of their monopolistic business model back in the ’90s, they can’t just fix IE. That’s why people still using XP are in trouble – Microsoft won’t provide the OS fixes for XP, only their later versions of their operating application. If Windows was a real operating system, like Unix, you could just fix IE and everything would be fine.

Apr 28, 2014 11:05am EDT  --  Report as abuse
nose2066 wrote:
And the reason Internet Explorer is such a problem is because Microsoft integrated Explorer into the operating system in order to use their monopoly in desk top operating systems to create another monopoly in browser software???

Not only are there “too big to fail” banks, so now there are also “too big to fail” software companies???

Apr 28, 2014 11:14am EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

Pictures