World Bulletin / News Desk
The German government urged the public on Tuesday to temporarily stop using Microsoft Corp's Internet Explorer following discovery of a yet-to-be repaired bug in the Web browser that the software maker said makes PCs vulnerable hacker attacks.
It issued the warning as a researcher said he found evidence that suggests the hackers who exploited the flaw were seeking to attack defense contractors.
Microsoft said on Monday that attackers can exploit the bug in its Internet Explorer, used on hundreds of millions of computers, to infect the PC of somebody who visits a malicious website and then take control of the victim's computer.
The German government's Federal Office for Information Security, or BSI, said it was aware of targeted attacks and that all that was needed was to lure Web surfers to a website where hackers had planted malicious software that exploited the bug.
"A fast spreading of the code has to be feared," the German government said in its statement.
BSI advised all users of Internet Explorer to use an alternative browser until the manufacturer has released a security update.
Officials with Microsoft did not respond to a request to comment on the move by the German government, although the company downplayed the impact of the flaw in a written statement.
"There have been an extremely limited number of attacks," said company spokeswoman Yunsun Wee. "The vast majority of Internet Explorer users have not been impacted."
The company said it planned to release software to protect PCs from attack within the next few days. Customers must manually install the code by visiting Microsoft's website and clicking on a link.
Microsoft did not say how long it will take to release a full update to Internet Explorer, which will automatically be loaded onto the machines of most customers. Several security researchers have said they expect the update within a week.
The vulnerability in Internet Explorer was identified on Friday after the PC of a security researcher from Luxembourg was infected while analyzing a computer server that was used last year to launch a cyber industrial espionage campaign on at least 48 chemical and defense companies.
The victims of the so-called "Nitro" attacks included Fortune 100 corporations that develop compounds and advanced materials, according to security software maker Symantec Corp , which disclosed them in October 2011.
Network security firm AlienVault said on Tuesday it has discovered three other servers that host malicious websites that exploit the newly found Internet Explorer vulnerability.
Jaime Blasco, manager of AlienVault Labs, said he found evidence suggesting they targeted defense contractors. As an example, he said he found a related virus on a site that provides news on India's defense sector.
"It seems that these guys are behind big targets," he said.
Internet Explorer was the world's second-most widely used browser last month, with about 33 percent market share, according to StatCounter. It was close behind Chrome, which had 34 percent of the market.
Until the new software is available from Microsoft, the company advises customers to use a free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, to mitigate the risk of attacks. It is available through an advisory on Microsoft's website:
The EMET software must be downloaded, installed and then manually configured to protect computers from the newly discovered threat, according to the posting from Microsoft. The company also advised customers to adjust several Windows security settings to thwart potential attackers, but cautioned that doing so might impact the PC's usability.
Some security experts have said it would be too cumbersome for many PC users to implement the measures suggested by Microsoft. Instead they advised Windows users to temporarily switch from Internet Explorer to rival browsers such as Google Inc's Chrome, Mozilla's Firefox or Opera Software ASA's Opera.
Spanish news publishers want government to negotiate with Google.
The Russian space station Mir, launched by the Soviet Union in 1986, operated until 2001 and President Vladimir Putin is now seeking to reform Russia's once-pioneering space industry
Google's action caps a decade of acrimony with news publishers who blame the search giant for revenue and readership declines
Top climate envoy gives broad support for global deal but says country's "special circumstances" must be factored.
Finnish cyber-security expert tells Istanbul audience that people have made gigantic IT companies billions in profits by providing private data for services.
The scientific observation of Pluto, its entourage of moons and other bodies in the solar system's frozen backyard begins Jan. 15
For the first time in more than 40 years, NASA has launched a spaceship designed to carry astronauts far beyond Earth
Benefits of digital revolution outweigh risks, Germany’s Chancellor says
Last month, Prime Minister Ahmet Davutoglu vowed to make climate change a top priority when Turkey hosts next year’s G20 summit
The emails of Apple’s late CEO is being used as evidence in antitrust claim.
The report said the malware overrides data on hard drives of computers and can make them inoperable and shut down networks.
Among those hit were the London newspapers Daily Telegraph, Independent and Evening Standard, which reported that other news organisations had also been targeted.
The European Union's privacy watchdogs agreed on a set of guidelines to help them implement a ruling from Europe's supreme court that gives people the right to ask search engines to remove personal information
Iraq bars private companies from owning fixed networks transiting domestic data and anything they build is usually seized by the government.
The new crew faces a busy six months in orbit, including a trio of spacewalks to prepare the station for a new fleet of U.S. commercial space taxis