Is Microsoft Internet Explorer too dangerous to use? In the aftermath of news that hackers exploited security holes in IE to break into Google’s systems in China, the governments of France and Germany are taking the unprecedented step of recommending users stop using Internet Explorer 6, 7 or 8.
Germany’s Federal Office for Information Security recommended “temporary use of alternative browsers” because of a “critical security hole” in Internet Explorer that allows hackers to remotely run malicious code on Windows PCs.
France’s CERTA agency also recommended using other browsers until Microsoft provides a patch.
Threat Response or Damage Control?
Microsoft’s initial response was basically along the lines of, “You wanna patch? It’s called IE 8.” Microsoft provided the following statement in response to the advisories: “In regards to the recent Internet Explorer vulnerability, we have not seen successful attacks on Internet Explorer 8. As such, Microsoft continues to recommend customers upgrade to Internet Explorer 8 to benefit from its improved security protections.”
Microsoft added that it hadn’t seen successful attacks on Internet Explorer 7, either, but said that it is investigating reports that proof-of-concept code exists that exploits the vulnerability in IE7 on Vista and XP.
But apparently caving to pressure and possibly unsettled by all the hubbub, Microsoft relented Tuesday and announced it would, in fact, issue an “out-of-band” emergency security update for Internet Explorer.
On the Microsoft Security Response Center blog, George Stathakopoulos, general manager for Trustworthy Computing Security, wrote, “Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability.” Stathakopoulos said details of the patch’s release would be issued Wednesday.
Microsoft normally issues patches on Patch Tuesday once a month (the next is scheduled for February 9), but occasionally jumps the…
Buy This Item: [Click here to buy this item]