Security Alert Issued for Internet Explorer Zero-D...
Security Alert Issued for Internet Explorer Zero-Day Flaw
It's not a good day to be using Internet Explorer. As reported today by the BBC, if you're using the world's most used web browser you're being advised to switch to an alternative until a reported serious security flaw has been patched.
Anti-virus software maker Trend Micro has reported that "Microsoft's recent security updates fail to provide protection against a recently discovered zero-day vulnerability, which could provide opportunities for cyber criminals to compromise PCs".
This flaw leaves all versions of Internet Explorer potentially open to a ‘drive-by' attack on its vulnerability. This could allow criminals to take control of computers and steal passwords if viewing a compromised website.
It's reported that much of this criminal activity is being perpetrated by a Chinese underground who are stealing gaming passwords. The seriousness of this however is not lost on Microsoft which says it has detected attacks against version seven of the browser. Microsoft is investigating the problem and preparing an emergency software patch to resolve it.
The flaw could be "adopted by more financially motivated criminals" a Trend Micro security researcher is reported as saying.
So, what are the alternatives for a Windows user?
For the majority of people Firefox would most likely trip off the tongue, but even this has been reported as having its own vulnerabilities, leading it to only yesterday top the list of the ‘12 most vulnerable apps' over at zdnet.
Oddly Internet Explorer doesn't itself make the list, putting the article's objectivity, according to observers, in some doubt.
Whatever browser you use then, you're advised to use and keep updated good anti-virus software. And make sure you're installing the latest security patches for the software you use. When you can catch a 'cold' simply by browsing the 'wrong' website you've got to take precautions.. it's a case of 'stay patched, stay safe'.
For Windows users then the alternatives to IE7 are:Firefox: downloadChrome: downloadOpera: downloadSafari: download
Update Dec 17th: Microsoft Security Response Centre reports that a patch will be issued later today to address this security flaw.