German Government: Don’t use Internet Explorer

[ItsRobsLife]

A new media release by the German Federal Office for Security in Information Technology (BSI) recommends for all Internet Explorer users to switch to an alternative browser until Microsoft can come up with a solution for a critical vulnerability issue with the browser.

Google translator version of the media release by BSI: German Translation

Critical security flaw in Internet Explorer
BSI recommends the temporary use of alternative browsers
Bonn, 15.01.2010.

In Internet Explorer, there is a critical yet unknown vulnerability. The vulnerability allows attackers to inject malicious code via a specially crafted Web page into a Windows computer to infiltrate and set up. The last week became known hacker attack on Google and other U.S. companies has probably exploited the vulnerability.

Affected are the versions 6, 7 a.m. to 8 p.m. Internet Explorer on Windows systems XP, Vista and Windows 7 Microsoft has released a security advisory in which it discusses ways of minimizing risk and is already working on a patch to close the security gap. The BSI expects that this vulnerability will be used in a short time for attacks on the Internet.

Running the Internet Explorer in “protected mode” as well as disabling scripting Acitve Although more difficult to attack, but it can not completely prevented. Therefore, the BSI recommends to switch to the existence of a patch from Microsoft to an alternative browser.

Once the vulnerability has been closed, the BSI will provide information on its warning and information about public-CERT. Keep informed about the civic-CERT and the BSI warns citizens and small and medium enterprises from viruses, worms and vulnerabilities in computer applications.

The expert analysis of the BSI around the clock, the security situation in the Internet and send alerts when action is needed and safety information via e-mail.

Typeboard

Could this be the death knell for MSIE?

[ItsRobsLife]

In an unprecedented move, the German government has now told its citizens to avoid using Internet Explorer for the time being. McAfee analysis showed that whoever tried to hack Google was using a previously unknown security vulnerability in Internet Explorer.

It currently looks like the attackers targeted specific individuals and fooled them into opening a link or downloading a file onto their computers. Earlier reports claimed that a vulnerability in Adobe Acrobat made these attacks possible.

McAffee's chief technology officer George Kurtz notes that this attack is a good example of the types of attacks that governments and large organizations are currently faced with. This new generation of malware is highly targeted and "designed to infect, conceal access, siphon data or, even worse, modify data without detection."

According to the German government, users should switch to alternative browsers, as other hackers will surely start to exploit this same vulnerability within days.

After Operation Aurora, German Government Says Don't Use Internet Explorer

[Norton]

MS gets another slap. Wonder when they will get their act together. They don't have a monopoly anymore.

[Thetyim]

I seem to remember Germany saying something similar about a year ago.

Is this a new warning ?

[ItsRobsLife]

Yes, it comes after the recent 'Aurora' hacking by the Chinese.

BSI recommends the temporary use of alternative browsers
Bonn, 15.01.2010.

I normally use XP IE8 only because I've been too lazy to switch and I find it easy to use, but have now moved everything over to Firefox.
It's interesting to see that only the very sensible Germans have issued this warning to it's citizens.
If the message was more widespread and users switched wholesale to other browsers Microsoft would take a massive, and irreversable, blow, at a time when they are promoting Windows 7.

[English Noodles]

I thought you flounced?

[ItsRobsLife]

Call it what you want, just got something that I need to get on with, I see I haven't missed much.

[BobR]

If Microsoft were a German company would the Krauts have said the same thing?

[panama hat]

I thought you flounced?

Good that he didn't

If Microsoft were a German company would the Krauts have said the same thing?

Yes, why not? This is just like any other product recall/warning . . . or do you see some insidious 'grassy knoll' conspiracy?

[corned dog]

Here's me thinking it was all the porn I downloaed

[SunTzu]

Nothing new here, it's been years that informed people warn you everywhere of the vulnerabilities of IE.


It just gets official, at last !

[StrontiumDog]

Haven't used IE in years.

Thank god!

[Jesus Jones]

I seem to remember Germany saying something similar about a year ago.

Is this a new warning ?

Last year they did say not to use google chrome.

[zubber]

UK ignores fears over Internet Explorer despite French and German warnings

Government and armed forces to continue using version of browser attacked by Chinese hackers in Google security breach

• Charles Arthur
• guardian.co.uk, Monday 18 January 2010 17.38 GMT

The British government and armed forces are to continue their widespread use of the version of Microsoft's Internet Explorer browser that was attacked by Chinese hackers who broke into Google's corporate network – even though both the French and German governments have advised people to stop using it.
The Cabinet Office, which oversees the deployment of computers in government, said today that "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere".
But over the weekend the German government advised citizens to stop using any version of Internet Explorer because of the possibility of attacks against it which could compromise the user's computer without their knowledge – and lead to the theft of data or incursions into corporate networks.
Today, the French government followed suit, issuing an advisory suggesting that all versions of Internet Explorer, which is included with Windows, are vulnerable to the attack that was used against Google, Adobe and an estimated 30 other western companies, by hackers originating in China.
Google said the attacks were used to steal intellectual property and compromise email accounts, and identified Internet Explorer as the weak point that was exploited.
The specific version of the browser known to be vulnerable to the attack mounted on Google is Internet Explorer 6 (IE6), which was first released in 2000 and is standard on Windows XP, which was released in 2001. Despite its age and known weakness to hacking, IE6 is still the most widely used browser in the world, ahead of newer, more secure versions and rivals' alternatives such as the free Firefox, Opera or Safari browsers.
IE6 is extensively used by the British government, including UK armed forces: in response to parliamentary questions asked last year by Labour MP and former Cabinet Office minister Tom Watson, the Ministry of Defence, which has 300,000 desktops worldwide (including ships), said it was sticking with IE6, "and at the current time does not have a requirement to move to an updated version".
Watson said today: "The government's own advice to businesses and consumers, through its Get Safe Online site that it helps to fund, is to not use IE6. So other than the fact that they aren't taking their own advice, it's preposterous that they wouldn't take this threat seriously. With the added security threat, all departments should certainly ditch IE6 and upgrade."
Microsoft sought to play down the risks of the vulnerability in a blog posting on Sunday, saying that "we are only seeing very limited number of targeted attacks against a small subset of corporations. The attacks that we have seen to date, including public proof-of-concept exploit code, are only effective against Internet Explorer 6."
However both the French and German government advisories say that there are weaknesses on newer versions of Internet Explorer on all versions of Windows, including the recently released Windows 7.

[panama hat]

Nah, it must be a ploy from the evil Germans and French . . . must be.

[nikster]

The only surprise here is how many businesses and governments still use IE6 - basically an open invitation for hackers to hack into corporate networks. The British armed forces - total joke, they need to get off IE ASAP.

A targeted attack like the one the Chinese staged against individual companies is very hard to defend against but using IE6 makes it practically impossible.

[panama hat]

The British armed forces - total joke, they need to get off IE ASAP.

. . . despite government warnings from two neighbours . . . makes little sense to take the risk . . . surely it is not a matter of saving face

[English Noodles]

I used to use internet explorer until about 12 months ago, Emperor Tud suggested the switch, and he is actually quite an authority on computer and software systems. I found firefox not to my liking at first but after a couple of weeks I found it to be far superior and user friendly than other browsers I have used, it has some great functions and I would be very hard to persuade me to change to another browser.

[theRealNapster]

plenty of other options, i prefer firefox also.

[dirtydog]

And yet the British govt is still on its quest to have as much personal info about it's subjects on computer.

[Bung]

Are you allowed to flounce and then carry on as if nothing happened?

[panama hat]

I found firefox not to my liking at first but after a couple of weeks I found it to be far superior and user friendly than other browsers I have used,

I've used Firefox for quite some time and decided to try out Google Chrome . . . far superior and faster, according to benchmark tests in last week's time mag. It also uses less memory to run

plenty of other options, i prefer firefox also.

Try Google Chrome, as above, it takes a bit of getting used to but one thing I really like is the search function directly in the address bar . . .

Really a very nice browser

Are you allowed to flounce and then carry on as if nothing happened?

[Marmite the Dog]

in response to parliamentary questions asked last year by Labour MP and former Cabinet Office minister Tom Watson, the Ministry of Defence, which has 300,000 desktops worldwide (including ships), said it was sticking with IE6

Fucking idiots. IE7 is a free upgrade that you get nagged to do via the automatic updates.

Emperor Tud suggested the switch, and he is actually quite an authority on computer and software systems

He's an authority the same way Thai builders are authorities on brain surgery.

[Marmite the Dog]

I've used Firefox for quite some time and decided to try out Google Chrome . . . far superior and faster, according to benchmark tests in last week's time mag. It also uses less memory to run

It also renders some sites incorrectly and doesn't have all the plug-ins that I need (although they do help to slow FF down even more).

[panama hat]

It also renders some sites incorrectly

Can you give me some examples, I haven't encountered that yet