German government is asking its country’s internet users to ditch all Internet Explorer web browsing versions, due to its security vulnerability. Germany’s federal office for Information Security(BSI), which is an agency looking after their country’s IT security, has issued an official warning urging individuals and companies to stop using internet explorer.
The country’s federal government reacted sharply to the news that there are already zero day exploits prevailing on internet due to IE security hole. BSI has a strong opinion that the security vulnerability of Microsoft’s web browser has made criminals use these vulnerabilities to target users and it is reported by some reliable sources that there was an attempt to hijack one of the highly regarded German government servers through IE. In order to stay safe from any future web attacks, German government has urged all the country’s web surfers to use an alternate web browser in place of Microsoft Windows Internet Explorer versions (IE6-IE9).
Since, the “Zero Day Exploit” is on wild and there is no fix yet, Germany’s BIS wants its country’s Internet users to ditch IE until Microsoft comes up with a serious patch. As soon as there is a fix available, BIS will reverse this update of ditching IE.
Historically speaking, BIS issued a similar warning in the past as well, when there was a serious zero-day flaw in Java and IE. Now also the agency has taken the responsibility to issue a national alert as a part of their duty and is also in contact with Microsoft authorities and is pushing them hard, to come up with a patch as soon as possible.
Well, reacting to this news, Yunsun Wee, director of Microsoft’s trustworthy computing group, has announced in a blog post that a one-click fix for the flaw will be released in next few days. In the meantime, as a matter of respite, the company has issued a free tool which is “Enhanced Mitigation Experience Toolkit (EMET)”, which secures the IE users from falling victims to any kind of exploits.
Microsoft has also come up with a manual solution for the time being, which is as per the OS giant’s knowledge will be 95% effective. Microsoft has recommended a setting of internet and local intranet security zone settings to be set at “High” to block ActiveX controls and active scripting in these zones. However, this is a temporary solution and pretty soon a one-click solution will be available soon.
As a matter of fact, the security vulnerability of IE was found last week by Eric Romang, who is a security researcher and that was, when he was looking out for java related vulnerabilities. Eric was analyzing an earlier “Zero Day” flaw, when he came across the discovery of the new IE vulnerability. With this flaw available in IE6-IE9, an intruder can remotely execute a code with the same privilege as the current user. If this user has administrative rights, the attacker will be gaining complete control over the system and can take control of all his/her administrative tasks. If the intruder breaks into a user’s account, then his/her bank account, emails, computer data can be easily compromised. If they take control of video surveillance system of a bank, then one could expect something worst to take place. Imagine, if it happens with any government agency, then the situation can become worse and the best example is the movie “ Die Hard 4 or Live Free” of Hollywood actor Bruce Willis.
For this reason, as a precautionary measure, Germany asked its country’s internet users to stop using IE web browsers till Microsoft comes up with an effective security patch up.
However, Microsoft is a well experienced player in tackling these situations. It has done it in the past and shown its commitment to its users. And so in this situation, as well, we can expect that the company will come up with a robust solution to the German government’s precautionary concern, in no time.
storageservers.wordpress.com 