Microsoft Issues Advisory to Users: Major Security Flaw on Internet Explorer
By Ma Evelyn Castino Quilas | April 29, 2014 11:19 PM EST
Microsoft issued an advisory to all users using Internet Explorer (IE) versions 6 to 11 of a major security flaw on the browser. The advisory dated April 26, 2014 seriously warned consumers on the vulnerability of remote code execution wherein computer hackers could obtain access to the user's computer and operate it remotely.
People using Internet Explorer 7, 8 or 9 on Windows Vista, XP or 7 are vulnerable to a new security threat.
The software giant rushed to fix the problem and promised to roll out the fix for users immediately after attack in some US companies have been reported. With over 50% of the users using IE versions as their browsers, the impact to customers could be quite large.
The Redmond-based company listed the mitigating factors of this major security flaw on a dedicated webpage. Among the factors mentioned are computers running on a restricted mode called Enhanced Security Configuration or web-based attack when users clicking on a link in an email message.
The advisory also mentioned to include solutions by providing monthly security update release process or out-of-cycle security update depending on the needs of the users.
However, with Microsoft's official termination of its support on computers still running on the adolescent OS Windows XP, the advisory brought about more concerns for users cannot anymore receive security updates or bug fixes.
According to security firms, Windows XP is still running in around 15 to 25 percent of the computers across the world to the affected users is quite significant.
Internet Security company Symantec, also issued a statement on this case. The company's blog stated: "Our testing confirmed that the vulnerability crashes Internet Explorer on Windows XP. This will be the first zero-day vulnerability that will not be patched for Windows XP users."
US-Cert issued a guidance statement to all users and administrators using the affected IE versions to review the Microsoft advisory for possible actions or using alternative browsers in the meantime.
The Cybersecurity software maker FireEye Inc. whose mandate is to help companies respond to cyber attacks also gave the same advice as the US-Cert to use alternative browser while the investigation is on-going.
In a report from Huffington Post, FireEye spokesman Vitor De Souza stated: ""It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."
So for billons of people all over the globe who access the internet, best use Mozilla Firefox, Google Chrome, Safari, or other browsers in the meantime.
To contact the editor, e-mail:
Most Popular Slideshows
- NFL MNF: Pittsburgh Steelers 30, Houston Texans 23 [PHOTOS]
- 2014 MLB World Series Game 1: San Francisco Giants 7, Kansas City Royals 1 [PHOTOS]
- 2014 MLB World Series - Game 2: Kansas City Royals 7, San Francisco Giants 2 [PHOTOS]
- NFL Thursday Recap - Denver Broncos 35, San Diego Chargers 21: Peyton Manning Has 3 TDs In Easy Win [PHOTOS]
Join the Conversation
- Tesco Facing Crisis After Chairman Quits Citing Accounting Scandal In The Retail Giant
- Australian Federal Court Fines Reebok $350,000 & Orders Refunds For Shoe Endorsed By Miranda Kerr That Claims Unproven Health Benefits
- Sydney Software Firm Bigcommerce Teams Up With Alibaba To Beat Amazon
- Perth Call Centre Staff Bad In English And Not Philippine And Indian Counterparts, Telstra Boss Says
- ASUS Releases A Teaser Indicating The Arrival of New Zenfone and ZenWatch On October 28
- Boy Stoned To Death For Alleged Rape, Victim Receives Dowry From Militants
- Xiaomi Redmi 1S vs. Sharp Aquos Crystal – Specifications, Features And Price Showdown
- Three Dual SIM Samsung Galaxy Note 4 Duos Variants Comes To China
- Russia is Creating Underwater Combat Robots to Protect its Arctic Territories
- ‘Lone Wolf’ Attack on Canada Parliament Hill Could be ISIS-Related
- Swedish Military Spots ‘Russian Submarine’ Off Stockholm Coast, An Alarming ‘Security Game Changer’