An Internet Explorer bug has prompted the United States Department of Homeland security to advise Americans not to use Internet Explorer until a fix for the serious IE bug can be found. “Microsoft Internet Explorer contains a use-after-free vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system,” reports the Department of Homeland Security's United States Computer Emergency Readiness Team on April 28.
In simple words, this means that the latest IE bug works when an internet user clicks on a malicious link in Internet Explorer. There is no warning that something might be wrong, and clicking on the wrong link is all that it takes for hackers to hijack your computer. After you click on the link, the hackers can install malware on your computer without being noticed. Unwillingly, you turned control of your complete computer system over to someone else.
In their announcement, Homeland security said that it is currently unaware of “a practical solution to this problem.” All Internet Explorer versions 6 through 11 are affected. Until Microsoft can apply a fix, it is advised not to use Internet Explorer but to switch to another web browser like Firefox or Chrome.
For Windows XP users, Microsoft will not even try to find a fix for this latest bug. In its Microsoft Security Advisory, Microsoft is informing IE users that the company is aware of the targeted attack which allows hackers to access someone’s computer and that after it completes its investigation, the company will take “appropriate action” to protect its customers. That action might be included in Microsoft’s monthly security updates or an out-of-cycle security update.
The IE security bug was discovered over the weekend by FireEye Research Labs, an Internet security software company based in Milpitas, Calif. For computer techies, Fire Eye explains the IE bug in technical terms. With the help of a corrupted Adobe Flash file, hackers are able to circumvent security protections in the Windows operation system and attack a victim's computer. Turning off Adobe Flash might prevent a hacker’s access, but it is not guaranteed. “Threat actors are actively using this exploit in an ongoing campaign which we have named ‘Operation Clandestine Fox’.”
For non-techies, it is time to say good-bye to Internet Explorer. This is not the first, nor will it be the last bug that Internet Explorer has had. Some IE users might have had the annoying experience in the past of seeing several windows popping up and getting all sorts of unwanted messages when IE had a problem due to Java.
According to a Washington Post article on April 28, “bad news for users of Internet Explorer: You have been using Internet Explorer. Using Internet Explorer is the browser equivalent of sending emails IN ALL CAPS … Why would you voluntarily choose a browser experience that is like navigating the Internet through a thick soup?”
And one has to agree with the article. If you do not want to be driven crazy by six or more Internet Explorer browser windows or want to give hackers access to your private computer files, don’t use IE. If you insist on using Internet Explorer, make sure that you keep an eye out for any Microsoft security updates and install them.
The best thing to do in order to protect yourself against the Internet Explorer security bug is not to use the web browser at all. Even though it might take some time to get weaned from Internet Explorer to a different web browser like Chrome, Firefox, Safari, or Opera, in the end – it will be worth the effort and time. Chrome and Firefox are the two most popular alternatives to Internet Explorer and both allow you to import your IE browser history and bookmarks.