World Bulletin / News Desk
The German government urged the public on Tuesday to temporarily stop using Microsoft Corp's Internet Explorer following discovery of a yet-to-be repaired bug in the Web browser that the software maker said makes PCs vulnerable hacker attacks.
It issued the warning as a researcher said he found evidence that suggests the hackers who exploited the flaw were seeking to attack defense contractors.
Microsoft said on Monday that attackers can exploit the bug in its Internet Explorer, used on hundreds of millions of computers, to infect the PC of somebody who visits a malicious website and then take control of the victim's computer.
The German government's Federal Office for Information Security, or BSI, said it was aware of targeted attacks and that all that was needed was to lure Web surfers to a website where hackers had planted malicious software that exploited the bug.
"A fast spreading of the code has to be feared," the German government said in its statement.
BSI advised all users of Internet Explorer to use an alternative browser until the manufacturer has released a security update.
Officials with Microsoft did not respond to a request to comment on the move by the German government, although the company downplayed the impact of the flaw in a written statement.
"There have been an extremely limited number of attacks," said company spokeswoman Yunsun Wee. "The vast majority of Internet Explorer users have not been impacted."
The company said it planned to release software to protect PCs from attack within the next few days. Customers must manually install the code by visiting Microsoft's website and clicking on a link.
Microsoft did not say how long it will take to release a full update to Internet Explorer, which will automatically be loaded onto the machines of most customers. Several security researchers have said they expect the update within a week.
The vulnerability in Internet Explorer was identified on Friday after the PC of a security researcher from Luxembourg was infected while analyzing a computer server that was used last year to launch a cyber industrial espionage campaign on at least 48 chemical and defense companies.
The victims of the so-called "Nitro" attacks included Fortune 100 corporations that develop compounds and advanced materials, according to security software maker Symantec Corp , which disclosed them in October 2011.
Network security firm AlienVault said on Tuesday it has discovered three other servers that host malicious websites that exploit the newly found Internet Explorer vulnerability.
Jaime Blasco, manager of AlienVault Labs, said he found evidence suggesting they targeted defense contractors. As an example, he said he found a related virus on a site that provides news on India's defense sector.
"It seems that these guys are behind big targets," he said.
Internet Explorer was the world's second-most widely used browser last month, with about 33 percent market share, according to StatCounter. It was close behind Chrome, which had 34 percent of the market.
Until the new software is available from Microsoft, the company advises customers to use a free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, to mitigate the risk of attacks. It is available through an advisory on Microsoft's website:
The EMET software must be downloaded, installed and then manually configured to protect computers from the newly discovered threat, according to the posting from Microsoft. The company also advised customers to adjust several Windows security settings to thwart potential attackers, but cautioned that doing so might impact the PC's usability.
Some security experts have said it would be too cumbersome for many PC users to implement the measures suggested by Microsoft. Instead they advised Windows users to temporarily switch from Internet Explorer to rival browsers such as Google Inc's Chrome, Mozilla's Firefox or Opera Software ASA's Opera.
Waves of cyberattacks disrupt services for many East Coast US Internet users
Critics slam company after claims it allowed NSA to scan all users’ emails
Shenzhou-11 to take 2 astronauts into space, dock with orbiting space lab Tiangong-2 within 2 days
A German politician has said Facebook should pay for failing to remove online hate comment
For the first time in over 120 years, a design patent case will be heard by the US supreme court.
Toyota is usually associated with cars, but it has been investing millions in robotics and Kirobo is its first commercial foray into the sector.
A joint Mongolian-Japanese expedition found the giant print, which measures 106 centimetres (42 inches) long and 77 centimetres wide.
Current conditions may ‘commit Earth to an eventual total warming of 5 degrees Celsius’ in few thousand years, author says
Cyber-attack in 2014 likely the largest data breach in history
Photographs, videos, polls, quoted tweets no longer count toward 140-character limit
2.5 million phones recalled days before Apple introduces iPhone 7
Mark Zuckerberg has vowed to continue effort to provide satellite for Africa
3.7-billion-year-old rock suggests life began soon after Earth’s formation
Facebook will target advertising to Whatsapp users but will steer clear of third party advertising content
The global seed giant Monsanto is pulling its application to introduce GMO cotton seed after a row with the Indian government, which is demanding the company share its technology with local seed companies.
Proxima b could be visited by spacecraft within next 100 years