Logo: Microsoft admitted last week that its browser was the weak link after hackers in China hacked Google
By Graham Smith-19th January 2010
France has followed Germany's lead and urged web users to avoid using Internet Explorer until Microsoft develops a patch to fix a security flaw that led to hacks against websites including Google.
Both French and Germans have now been instructed to use a browser other than Explorer to ensure their computer's security.
Certa, a French government agency that protects against cyber threats, warned against using all versions of the web browser.
The move comes just days after Germany's Federal Office for Information Security, or BSI, said even running Explorer in 'security mode' did not render it fully safe.
Microsoft admitted last week that its browser was the weak link after hackers in China hacked Google to pry into the email accounts of human rights activists.
It said the security hole can be closed by setting the browser's Internet security zone to 'high'.
Other German security experts have echoed the government warning, telling users to wait for Microsoft to develop a patch.
But the BSI insisted that setting Explorer's security setting to 'high' would not be sufficient enough to prevent further hacks.
'Using Internet Explorer in "secure mode", as well as turning off Active Scripting makes attacks more difficult, but can not fully prevent them,' the BSI said in a statement.
Thomas Baumgaertner, a Microsoft spokesman in Germany, said the company was aware of the warning, but did not agree with it.
He pointed out that the attacks on Google were by highly motivated people with a very specific agenda.
Mr Baumgaertner said 'These were not attacks against general users or consumers. There is no threat to the general user, consequently we do not support this warning.'
But Graham Cluley of anti-virus firm Sophos said instructions on how to exploit the flaw had been posted in detail online.
He said: 'This is a vulnerability that was announced in the last couple of days. Microsoft have no patch yet and the implication is that this is the same one that exploited on the attacks on Google earlier this week.
'The way to exploit this flaw has now appeared on the internet, so it is quite possible that everyone is now going to have a go.
'We've been working with Microsoft to see if the damage can be mitigated and we are hoping that they will release an emergency patch.'
'One thing that should be stressed is that every browser has its security issues, so switching may remove this current risk but could expose you to another.'-www.dailymail.co.uk
1 comment:
Post a Comment