Saturday, January 23, 2010
How safe is Internet Explorer?
Last week Google announced that its subsidiary in China, along with many other companies, have been targets of a very sophisticated cyber attack. The news created a big buzz in the media and around the political world because it seemed to pit Google against China. From the consumers point of view, the worrisome news is that one of the security holes that the attackers used was found in the Internet Explorer browser, arguably the most popular browser in the world.
Attackers were able to insert malware code into user computers running Internet Explorer which enabled them to access personal Gmail accounts. The malware code has since been made public and this exploit is available to anyone now interested in putting it to nefarious use, which could include going beyond just reading your Gmail account.
" I believe this is the largest and most sophisticated cyber attack we have seen in years," said George Kurtz, chief technology officer at McAfee in his blog. "What really makes this a watershed moment in cyber security is the targeted and coordinated nature of the attack with the main goal appearing to be to steal core intellectual property."
Microsoft has since admitted the existence of this security hole and recommends that browser security zone be set to high. But unfortunately, this does not prevent all malware codes that might compromise your security. Furthermore, it removes many features from the browser and restricts its use. The company released a security patch for Internet Explorer 6 and claims it effects only that version of the browser, but researchers have succeeded using the exploit on versions 7 and 8. walletpop