Homeland Security warns against using Internet Explorer until Microsoft fixes Security Bug

If you are using Internet Explorer to read this story, copy the URL, you may want to consider closing down IE and using a different browser to come back to this report.

As reported by the California-based Internet security firm FireEye Saturday, a vulnerability in IE versions 6 through 11 could allow unauthorized remote code execution. What this means, according to USA Today, is that “the security flaw allows malicious hackers to get around security protections in the Windows operating system. They then can be infected when visiting a compromised website.”

Microsoft has released workaround procedures, but the United States Computer Emergency Readiness Team, a division of the Department of Homeland Security, warned Monday that Internet Explorer users who are unable to follow may consider employing an alternate browser.”

Corrupted Adobe Flash is used to attack the victims computer, according to FireEye. "The attack will not work without Adobe Flash. Disabling the Flash plugin within IE will prevent the exploit from functioning."

As is often the case, the hackers work through deception.

“By convincing a user to view a specially crafted HTML document (e.g., a web page or an

HTML email message or attachment), an attacker may be able to execute arbitrary code,” the DHS warned Saturday, “We are currently unaware of a practical solution to this problem,” it added.

CNET reported Sunday it had learned from FireEye that the vulnerability is “currently being exploited by a group of hackers targeting financial and defense organization in the US.”

USA Today reported that the attacks do not appear to be widespread at this time and that Microsoft has confirmed that it is working on a fix. Microsoft generally releases security patches the second Tuesday of each month, USA Today reported, meaning that the next release isn’t due until May 14. It is not known if a fix will be released before then.

The UK’s Computer Emergency Readiness Team also advised against using Microsoft until a fix is in place, stating that “(u)sers should also consider using alternative browsers, such as Google Chrome and Mozilla Firefox; and ensure that their antivirus software is current and regularly updated.”

Computer users who rely on the XP operating system are particularly vulnerable since Microsoft discontinued support for XP April 8. Symantec, however, is offering suggestions on how XP users can mitigate the threat in this blog post.

 Don't Forget to like our page on facebook and follow us on twitter. Please Leave a comment below.