Posted on 04/28/2014 6:24:40 PM PDT by markomalley
It's not often that the US or UK governments weigh in on the browser wars, but a new Internet Explorer vulnerability that affects all major versions of the browser from the past decade has forced it to raise an alarm: Stop using IE.
The zero-day exploit, the term given to a previously unknown, unpatched flaw, allows attackers to install malware on your computer without your permission. That malware could be used to steal personal data, track online behavior, or gain control of the computer. Security firm FireEye, which discovered the bug, said that the flaw is being used with a known Flash-based exploit technique to attack financial and defense organizations in the US via Internet Explorer 9, 10, and 11. Those versions of the browser run on Microsoft's Windows Vista, Windows 7, and Windows 8, although the exploit is present in Internet Explorer 6 and above.
While the Computer Emergency Readiness Team in England and the US regularly issue browser advisories, this is one of the few times that the CERT team has recommended that people avoid using a specific browser.
FireEye recommends that if you can't switch browsers, then you disable Internet Explorer's Flash plug-in. You also can use IE with Microsoft's Enhanced Mitigation Experience Toolkit security app, but that will not be as secure as simply switching browsers.
Microsoft and the Department of Homeland Security did not immediately respond to requests for comment.
Statistics vary as to how many people actually use Internet Explorer. NetMarketShare puts the total around 55 percent of the desktop browser market, while competitor StatCounter says that 22.58 percent of people use IE. While the disparity is large, in either case the flaw affects a huge number of browsers being actively used.
The real problem with FR search, IMO, is that it defaults to "keywords" instead of "title" string match. Keywords are a lot harder to guess.
In this case, since the titles are identical except for the additional "and UK" in the newer one, a search of title strings would have turned it right up.
Oh well, it's important stuff so repeating it doesn't hurt anybody.
So what happens when I right click on Shockwave Flash Object? What will I not be able to access on the computer? I have Windows 7 Ultimate. (this stuff is Greek to me. Sigh)
I go hit by some type of infection due to a flash player exploit and I think it made my hard drive unbootable. I ended up putting in a new hard drive and after getting what I needed off the old one just reformatted it which seemed to kill the infection. I needed to clean up my computer anyway and everything is running much faster than it used to. I just put the reformatted hard drive into another computer after checking the drive for viruses and bad sectors (it found none). I guess it’s fixed.
If you see any messages that pop up that says you need to upgrade your flash player program DON’T do it. The hackers made it look like the link went to www.adobe.com. I think they were just able to make the browser show a false address.
LOL
I wuz keedean about Netscape.
That’s so 90’s....
Marked
People running a business communicating with other websites that, it turns out, aren't coded very well for other browsers.
We're talking major financial institutions here.
Feel better? /s
(last was sarcastic, but I'm serious about IE being the only browser that works well in the cases of which I have first-hand knowledge)
I’ve been using PaleMoon with regularity since another FReeper recommended it (among many).
Unfortunately, my experience with it is as bad as Firefox: It’s a memory hog that crashes with the same regularity as IE (I even reverted to an earlier IE, but no joy). Plugin problems with PM and FF as well.
Opera was just loaded tonight; after a couple of hours, so far I’m very impressed.
The MAIN impressive thing here: My antivirus is running a full scheduled scan in the background and the browser isn’t crashing. (I just checked my cpu performance and was surprised to see it running, as in the past I had to either stop it or stay offline until it was done).
I’ll find out in the next couple days if it works with all our vendor sites...
.02 (my experience)
Do you use Flashblock or NoScript with Firefox?
So let me get this straight. The U.S. govt. warns me not to use Internet Explorer but says it’s ok to submit ALL of my personal information using ANY browser to healthcare.gov?
Uh huh.
I have used Firefox for a long time, rather than IE but IE was already installed when I purchased it. I only use IE to check out how my website looks for visitors with IE.
Opera doesn’t seem to support bookmarks, and I have hundreds I’d prefer not to lose. Neither Palemoon nor Firefox have ever crashed on my computer while running a full scan with Malwarebyte.
“FireEye suggests disabling the Adobe Flash plugin because the attacks won’t work without it. FireEye also said running IE in enhanced protection mode, which is only available for IE versions 10 and 11, will protect users from attacks....”
I use ESET NOD32 antivirus and have no memory hogging problems on my computer.
Also haven’t had a virus infect my computer and not be found, quarantined or cleaned since around 2005.
Running Win 7 (64-bit), 6GB or RAM.
Maybe I mistyped: They don’t crash, but my system resources get so low it’s like stop-motion.
I hear ya on the Opera bookmarks (they use tiles in the ‘Speed Dial’ interface); not sure how I’m going to address that just now. I just don’t have time to do anything right now but have more than one good alternative to IE with this bug out there. I won’t use Google/Chrome and I needed something stable to get me by...Opera’s stable on my system.
I appreciate that. ESET is at the top of my short list for replacing MSSE if the time comes. If I recall what I looked up last month, ESET & Avast both benchmarked at the top of the list. I’ve had Avast, but I’ve also had it pass malware when in ‘renew mode’ but not expired (still angry about that...same thing happened with NAV almost 10 years ago).
I simply need to get my system upgraded to a quad core + (since I stopped gaming on the pc I’m lagging a bit in that department, to say nothing of disposable income the past couple years).
Last sentence in the article says 55% of desk top browsers.
Well, thatz true.
L.A. Z bass turds ....
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.