Internet Explorer has long been the topic of negative conversation in the tech community. And today is no different as a major security flaw has been announced that affects IE5 through the new IE8 beta.
The flaw allows serious and far reaching attacks that are not just theoretical in nature. According to sources this particular issue is already in wide use with attempts to steal game passwords. There are a reported 10,000+ websites infected with the code necessary to take advantage of this breach.
With the recent news about the IE flaw, security experts are urging all Internet Explorer users to switch to any other browser for the time being despite Microsoft saying that they cannot encourage users to switch from just one flaw. Opera, Chrome, Safari and Firefox are not affected by this security flaw and have not reported any issues relating to it.
No ETA for Internet Explorer Security Fix
Details about exactly what the flaw is are a little vague, but experts agree that this threat may spread well beyond stealing gaming passwords (which can still result in credit theft and more).
Microsoft describes the threat as, “As an invalid pointer reference in the data binding function of Internet Explorer,” (essentially it will leave a hole open that can be accessed for remote code execution) and has reported that they are working on the issue. There is no ETA for the fix.
Their overall suggested actions are to keep your Windows OS updated as well as your Internet Explorer, ensure that you are running good antivirus software, and make sure all your security settings are set to high (this may require you to create a list of allowable websites). Vista users can use the Protected Mode for IE.
But according to the Washington Post, many of their workarounds for mitigating the threat simply don’t work. The problem is that most people in this industry or that even spend a considerable amount of time online already do much of what Microsoft is suggesting and the issues are still present as well as the threat.
Considering this threat has been present in versions of Internet Explorer ranging from 5.x to 8.x beta, switching is the best thing you can do for now.
What To Do Next
You do not have to uninstall your IE, just don’t use it for now. The browser that comes the most highly recommended is FireFox, considering that Chrome is still new and that Opera and Safari are not in massive use. They are all free downloads and install with a few clicks.
This may be an issue that is fixed quickly and Internet Explorer advocates can get back on their horses soon, but with the intensity of the news things don’t look good for Microsoft’s browser…especially in a time when security breaches and the like can spell the end of a service.