1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Germany Warns Against MSIE

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, Jan 18, 2010.

  1. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    787
    Likes Received:
    3,117
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    As tho anyone needed to be told that M.S. products are crap...:p

    Germany Warns Against Using Microsoft Internet Explorer

    http://www.telegraph.co.uk/technolo...gainst-using-Microsoft-Internet-Explorer.html

    The German government has warned against using Microsoft's Internet Explorer to browse the web because of security flaws.

    The German government's caution applies to versions six, seven and eight of the world's most popular browser.

    The Federal Office for Information (BSI) Security told Germans to avoid use of all versions of Explorer after a security hole led to attacks against Google and others by hackers in China.

    Microsoft admitted last week that its browser was the weak link in recent attacks by hackers who pried into e-mail accounts of human rights activists. Following the attack, Google threatened to end its operations in China.

    But Microsoft rejected the German government's warning as too strong and sought to reassure general users that the security threat was low.

    "These were not attacks against general users or consumers," said Thomas Baumgaertner, a Microsoft spokesman in Germany, adding that the attacks on Google were carried out by "highly motivated people with a very specific agenda".

    "There is no threat to the general user, consequently we do not support this warning," he said.

    Microsoft claims the security risk can be limited by setting the browser's security zone to "high", although they admitted this limits functionality and blocks many websites.

    But the BSI insisted that such measures were not sufficient and urged internet users to use alternative browsers.

    "Using Internet Explorer in 'secure mode,' as well as turning off Active Scripting makes attacks more difficult, but cannot fully prevent them," it said in a statement.

    Microsoft is urgently working on fixing the flaw but experts fear that in the meantime there could be a spate of attacks by copycat hackers.

    Graham Cluley, of antivirus firm Sophos, said: "The way to exploit this flaw has now appeared on the internet, so it is quite possible that everyone is now going to have a go.

    "We've been working with Microsoft to see if the damage can be mitigated and we are hoping that they will release an emergency patch," Mr Cluley said.

    "One thing that should be stressed is that every browser has its security issues, so switching may remove this current risk but could expose you to another."

    Last week, Microsoft said it had no plans to pull out of China, dashing hopes the software giant would support its rival Google in its stand against Chinese censorship of the internet.

    Steven Ballmer, chief executive, questioned the sudden urgency of complaints about attempts to hack the Gmail accounts of human rights activists from inside China.
     
  2. justone

    justone Elite Member

    Joined:
    Oct 12, 2008
    Messages:
    1,516
    Likes Received:
    1,037
    Occupation:
    -
    Location:
    Europe
    The bug is really one of the worst in the last years.

    You can usually spot an exploit when IE or another application using IE (senuke as example) suddenly crashes.
    That's a sign that someone broke into your computer.

    A recent antivirus like the free avg variant is good enough to stop many of the most common attacks.
    But the only real protection is to stop using IE, so I think the germans are right.
     
  3. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    787
    Likes Received:
    3,117
    Occupation:
    Chair moistener.
    Location:
    Cyberspace