Internet Explorer falls prey to bug; Homeland Security suggests not using it
SAN FRANCISCO — The Department of Homeland Security is advising Americans not to use the Internet Explorer browser until a fix is found for a serious security flaw that was brought to light during the weekend.
The bug was announced on Saturday by FireEye Research Labs, an Internet security software company based in Milpitas, Calif.
“We are unaware of a practical solution to this problem,” the Department of Homeland Security's United States Computer Emergency Readiness Team said in a post.
It recommended that users and administrators “consider employing an alternative Web browser until an official update is available.”
Because the hack uses a corrupted Adobe Flash file to attack the victim's computer, users can avoid it by turning off Adobe Flash.
“The attack will not work without Adobe Flash,” FireEye said. “Disabling the Flash plugin within IE will prevent the exploit from functioning.”
FireEye said that the hackers exploiting the bug are calling their campaign “Operational Clandestine Fox.”
Microsoft confirmed that it is working to fix the code that allows Internet Explorer versions six through 11 to be exploited by the vulnerability. As of Monday, no fix had been posted.
About 55 percent of PCs run one of those versions of Internet Explorer, according to the technology research firm NetMarketShare.
The bug works by using Adobe Flash to attack a computer's memory.
Show commenting policy
TribLive commenting policy
- Edible pot ban proposed, yanked in Colorado
- Over 3 years, extended federal leave adds up to $775M
- Earth heads for record 2014
- West Virginia University warns students over riots
- Revised Ebola guidelines stress full gear, training
- Suspect in Va. disappearance charged in rape
- EPA hopes grants will reduce Lake Erie algae
- Congress examines NSA official’s part-time job
- Officials: 500M financial records hacked
- Navy civilian goes on trial for diverting $2M to brother of his boss
- Crying suspect trapped in Calif. chimney, saved but arrested