Skip to content
Link copied to clipboard

U.S. and UK advise avoiding Internet Explorer until bug is fixed

BOSTON - The U.S. and UK governments on Monday advised computer users to consider using alternatives to Microsoft Corp.'s Internet Explorer browser until the company fixes a security flaw that hackers used to launch attacks.

BOSTON - The U.S. and UK governments on Monday advised computer users to consider using alternatives to Microsoft Corp.'s Internet Explorer browser until the company fixes a security flaw that hackers used to launch attacks.

The Internet Explorer bug, disclosed over the weekend, is the first high-profile computer threat to emerge since Microsoft stopped providing security updates for Windows XP this month. That means PCs running the 13-year-old operating system will remain unprotected, even after Microsoft releases updates to defend against it.

The Department of Homeland Security's U.S. Computer Emergency Readiness Team said in an advisory released Monday that the vulnerability in versions 6 to 11 of Internet Explorer could lead to "the complete compromise" of an affected system.

The recently established UK National Computer Emergency Response Team issued similar advice to British computer users, saying that in addition to considering alternative browsers, they should make sure their antivirus software is current and regularly updated.

Versions 6 to 11 of Internet Explorer dominate desktop browsing, accounting for 55 percent of global market share, according to research firm NetMarketShare.

Boldizsár Bencsáth, assistant professor with Hungary's Laboratory of Cryptography and Systems Security, said the best solution was to use another browser such as Google Inc's Chrome or Mozilla's Firefox.

Security experts have long been warning Windows XP users to upgrade to Windows 7 or 8 before Microsoft stopped supporting it at the beginning of this month. The threat that emerged over the weekend could be the wakeup call that prompts the estimated 15 to 25 percent of PC users who still use XP to dump those systems.