US warns on use of flawed Microsoft browser

The Microsoft logo is seen before the start of a media event in San Francisco, California, March 27, 2014
The Microsoft logo is seen before the start of a media event in San Francisco, California, March 27, 2014

A US government cybersecurity watchdog warned computer users Monday against using a version of the Microsoft Internet Explorer browser with a security hole that could allow hackers in.

The government's Computer Emergency Response Team (US-CERT) said in a statement that it was aware of "active exploitation" of the in versions six through 11 of the flagship Explorer browser.

The agency, a unit of the Department of Homeland Security, urged computer users to take protective actions and "consider employing an alternative Web browser until an official update is available."

The security flaw is of particular concern for computers running Windows XP, an older version of the operating system for which Microsoft has said it will no longer issue security updates.

Microsoft said Saturday that an attacker who successfully exploits the vulnerability could take control of the computer.

Cybersecurity firm FireEye, which took credit for identifying the flaw, said hackers were exploiting the bug in a campaign nicknamed "Operation Clandestine Fox."

Roger Kay, analyst with Endpoint Technologies Associates, said the flaw affects multiple versions of the browser "but is most dangerous for XP users, since that OS is no longer being maintained."

"While it's still possible that Microsoft will relent and fix XP one more time, users should not count on it," Kay said.

"And even if Microsoft does throw this group a lifeline one more time, inevitably the day will come when the software giant will no longer bail them out."

© 2014 AFP

Citation: US warns on use of flawed Microsoft browser (2014, April 28) retrieved 29 March 2024 from https://phys.org/news/2014-04-flawed-microsoft-browser.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Microsoft issues advisory on Internet Explorer vulnerability

0 shares

Feedback to editors