Several Governments Warn Users To Switch To Chrome Or Firefox In Wake Of IE Exploit

rated by 0 users
This post has 10 Replies | 0 Followers

Top 10 Contributor
Posts 26,492
Points 1,196,595
Joined: Sep 2007
News Posted: Tue, Apr 29 2014 11:49 AM
If you haven't already, you should consider dropping Internet Explorer and using a browser like Chrome or Firefox, at least until Microsoft rolls out a fix for a zero day vulnerability that reportedly affects nearly every version of IE. Worse yet, if you're still stubbornly rocking Windows XP for whatever reason, this is potentially a permanent vulnerability -- Microsoft dropped support for the legacy operating system earlier this month.

The United States Computer Emergency Readiness Team (US-CERT) is one of several governments that suggests employing an alternate browser.

"US-CERT is aware of active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer. This vulnerability affects IE versions 6 through 11 and could allow unauthorized remote code execution," US-CERT warns.

IE browser

Microsoft says it's aware of hackers using this vulnerability in targeted attacks, which is something security outfit FireEye Research Labs has seen. If you must use IE -- a requirement for work applications, for example -- be wary of clicking on links in instant messaging applications or in emails. One of the more common methods of exploiting this zero day bug is by convincing users to click on a URL that will bring them to a malicious website.

According to FishEye Research Labs, the exploit leverages a previously unknown use-after-free vulnerability, and uses a well-known Flash exploitation technique to achieve arbitrary memory access and bypass Windows' ASLR and DEP protections.

"This vulnerability, for which (at the time of writing) Microsoft has not yet issued a patch, affects Internet Explorer running on any version of the Windows Operating System although Microsoft has indicated that versions of Windows Server and Microsoft mail applications are protected to some degree," CERT-UK, the U.K. equivalent of US-CERT, stated in a blog post.
  • | Post Points: 140
Top 500 Contributor
Posts 276
Points 3,040
Joined: Sep 2009
Location: Port Orchard, WA

I did saw this on news on TV. I do use FireFox browser for now. Until Microsoft get IE fix soon. I rarely use IE but most of time I use Fire Fox. Thanks for put the post up about IE.

  • | Post Points: 5
Not Ranked
Posts 8
Points 70
Joined: Apr 2014

I would recommend for people to get Malwarebytes Anti-Exploit BETA if they are using windows xp or internet explorer or both.

  • | Post Points: 5
Not Ranked
Posts 36
Points 300
Joined: Mar 2014
Location: minneapolis mn

i never use this shity browser i all ways use chrome i uninstall internet explorer

  • | Post Points: 20
Top 500 Contributor
Posts 164
Points 1,630
Joined: Nov 2010
MCaddick replied on Tue, Apr 29 2014 10:20 PM

So you like having EVERYTHING you do online being spied upon by a ruthless and unaccountable advertising company? Well done.

  • | Post Points: 5
Not Ranked
Posts 3
Points 30
Joined: Jun 2013

I use Netscape Navigator Alpha.

  • | Post Points: 5
Top 150 Contributor
Posts 558
Points 5,105
Joined: Nov 2010
Location: Harker Heights

Firefox locked down so hard nothing runs without my say so.

  • | Post Points: 5
Not Ranked
Posts 11
Points 55
Joined: Apr 2014
JeffWenz replied on Wed, Apr 30 2014 8:53 AM

meh, I'm still going to use it.

  • | Post Points: 5
Top 200 Contributor
Posts 431
Points 3,295
Joined: Jul 2013
Location: United States,Alabama

1st they drop XP and now they cant re work the browser...c',mon

  • | Post Points: 5
Not Ranked
Posts 39
Points 285
Joined: Jun 2011
Location: U.S.A.
elkhorn replied on Wed, Apr 30 2014 1:55 PM

Does anyone know if this effects Windows 7 Pro ???

  • | Post Points: 5
Not Ranked
Posts 16
Points 185
Joined: Mar 2011
KMotheral replied on Thu, May 1 2014 10:03 AM

I think I will ride it out !1

  • | Post Points: 5
Page 1 of 1 (11 items) | RSS