Now that Microsoft revealed a major security threat via all Internet Explorer browsers, where hackers could remotely gain access to users computer, U.S. government warned the users to seek alternatives to the IE until Microsoft releases the software patch.
This is a major blow to Microsoft from the US Department of Homeland Security. The United States Computer Emergence Readiness Team (US-CERT) released an advisory that the vulnerability in Internet Explorer (versions 6 through 11) “could lead to the complete compromise of an affected system”.
If we calculate the total global users of Microsoft’s browsers taken from NetMarket Share‘s analytics data, the vulnerability affects more than half of the global desktop browser market.
It is less than a month that Microsoft has ended support for Windows XP, now, the users of the operating system machines will also face the first major security threat. It’s because, when Microsoft releases patch for the affected browsers, it will not release any updates to those browsers running on Windows XP. Microsoft will no longer serve for XP which is officially retired last April 8.
When the victim visits a special crafted website, vulnerability will potentially allow the attacker to execute arbitrary code. The bug will allow hackers may use the IE with “drive-by” attacks to exploit an unpatched critical vulnerability.
The company showed some workarounds such as deploying and configuring EMET 4.1 (Enhanced Mitigation Experience Toolkit) as well as recommended to set the Internet and local intranet security zone settings to “High”.Some other basic workarounds also explained step by step in the release note, Read it here.
XP users were asked to switch to other browser such as Google’s Chrome or Mozilla’s Firefox, and urged them to “unregister” the vgx.dll file. Stay tuned for more updates on this issue. Are you still one of those half of the global desktop users who use IE browser?