How safe is Internet Explorer?
Last week Google announced that its subsidiary in China, along with many other companies, have been targets of a very sophisticated cyber attack. The news created a big buzz in the media and around the political world because it seemed to pit Google against China. From the consumers point of view, the worrisome news is that one of the security holes that the attackers used was found in the Internet Explorer browser, arguably the most popular browser in the world.
Attackers were able to insert malware code into user computers running Internet Explorer which enabled them to access personal Gmail accounts. The malware code has since been made public and this exploit is available to anyone now interested in putting it to nefarious use, which could include going beyond just reading your Gmail account.
" I believe this is the largest and most sophisticated cyber attack we have seen in years," said George Kurtz, chief technology officer at McAfee in his blog. "What really makes this a watershed moment in cyber security is the targeted and coordinated nature of the attack with the main goal appearing to be to steal core intellectual property."
Microsoft has since admitted the existence of this security hole and recommends that browser security zone be set to high. But unfortunately, this does not prevent all malware codes that might compromise your security. Furthermore, it removes many features from the browser and restricts its use. The company released a security patch for Internet Explorer 6 and claims it effects only that version of the browser, but researchers have succeeded using the exploit on versions 7 and 8.
In response to this vulnerability, the German and French governments have recommended that its citizens replace the Internet Explorer and use an alternative one, at least till Microsoft releases a security update. Should we follow the advice here in the U.S.?
At the very least, follow Microsoft's advice on security and immediately upgrade to Internet Explorer 8. Promptly install all security patches and newer versions of the browser that Microsoft makes available. And invest in a strong anti-virus and anti-malware software.
If it is possible, do consider alternative browsers like Firefox or Google Chrome, at least to browse sites that require you to enter passwords and identify yourself in any way for online banking and online shopping. These browsers are developed not by Microsoft, but do run on Windows computers. Be aware though that they may be vulnerable to other forms of security threats, even though they are not vulnerable to the current ones.
But above all else, there is no alternative to being well-informed. Educate yourself on the risks that each activity on the web poses and keep abreast of security news.