Government Issues Major Warning Over "Internet Explorer" Bug

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, Apr 29, 2014.

  1. The Scarlet Pimp

    The Scarlet Pimp Senior Member

    Apr 2, 2008
    Likes Received:
    Chair moistener.
    why is anyone still using this piece of crapola?


    Microsoft says Internet Explorer bug is present in versions 6 to 11 (55% of browser market).

    Department of Homeland Security advised computer users to consider using alternatives.

    Windows XP will not receive any updates (15% - 25% of the world's PCs use it).

    Attacks are currently against U.S.A.-based defense and financial sector firms.

    The U.S. Department of Homeland Security has advised computer users to abandon Microsoft's Internet Explorer browser until the company fixes a security flaw that hackers have used to launch attacks.

    The bug is the first high-profile security flaw to emerge since Microsoft stopped providing security updates for Windows XP earlier this month.

    That means PCs running the 13-year old operating system could remain unprotected against hackers seeking to exploit the newly uncovered flaw, even after Microsoft figures out how to defend against it.

    The United States Computer Emergency Readiness Team, a part of Homeland Security known as US-CERT, said in an advisory released on Monday morning that the vulnerability in versions 6 to 11 of Internet Explorer could lead to 'the complete compromise' of an affected system.

    'We are currently unaware of a practical solution to this problem,' Carnegie Mellon's Software Engineering Institute warned in a separate advisory, that US-CERT linked to in its warning.

    Microsoft Corp is rushing to fix the bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

    Microsoft disclosed on Saturday its plans to fix the bug, which targets Internet Explorer versions 9 through 11.

    Those versions take up 26.25 percent of the browser market, according to FireEye, the cybersecurity software company that caught the bug.