The Department of Homeland Security advises Americans not to use Internet Explorer as their web browser until a security flaw in the system has been fixed. All versions of Internet Explorer (6-11) are vulnerable to the bug, but especially IE9 and IE10.
FireEye Research Labs, an Internet Security Firm, announced the security flaw over the weekend. Currently there is no solution to the problem so users are urged to run another browser such as Google Chrome or Firefox.
How does your computer become affected and your information put at risk?
In a web-based attack, users would need to visit the attacker’s infected website and then the malicious code can be installed on your PC. Also, websites that accept or host user-provided content or advertisements are also at risk and the code can be installed by the attackers.
FireEye said in their statement that the hack uses corrupted Adobe Flash files. By disabling the Flash plugin within Internet Explorer, users can avoid the attack on their PC. Most people operate their computers as “administrators” which would give the attackers all the rights to your control your PC – and you may not even notice. Isn’t it amazing how Adobe Flash is the gateway to almost every virus or bug?
Remember April 8th marked the end of support for Windows XP; this Internet Explorer flaw appears to be the first post-support vulnerability that will leave XP users on their own. If you haven’t upgraded your Windows operating system yet, we advise you to look into upgrading to Windows 7 or 8. Surely this is not the last attack. More will follow and computer users need to protect their personal data.
This Internet Explorer security flaw is known as a zero-day threat, meaning developers had zero days to address the vulnerability from the time it was discovered and the first attack.