World Bulletin / News Desk
The German government urged the public on Tuesday to temporarily stop using Microsoft Corp's Internet Explorer following discovery of a yet-to-be repaired bug in the Web browser that the software maker said makes PCs vulnerable hacker attacks.
It issued the warning as a researcher said he found evidence that suggests the hackers who exploited the flaw were seeking to attack defense contractors.
Microsoft said on Monday that attackers can exploit the bug in its Internet Explorer, used on hundreds of millions of computers, to infect the PC of somebody who visits a malicious website and then take control of the victim's computer.
The German government's Federal Office for Information Security, or BSI, said it was aware of targeted attacks and that all that was needed was to lure Web surfers to a website where hackers had planted malicious software that exploited the bug.
"A fast spreading of the code has to be feared," the German government said in its statement.
BSI advised all users of Internet Explorer to use an alternative browser until the manufacturer has released a security update.
Officials with Microsoft did not respond to a request to comment on the move by the German government, although the company downplayed the impact of the flaw in a written statement.
"There have been an extremely limited number of attacks," said company spokeswoman Yunsun Wee. "The vast majority of Internet Explorer users have not been impacted."
The company said it planned to release software to protect PCs from attack within the next few days. Customers must manually install the code by visiting Microsoft's website and clicking on a link.
Microsoft did not say how long it will take to release a full update to Internet Explorer, which will automatically be loaded onto the machines of most customers. Several security researchers have said they expect the update within a week.
The vulnerability in Internet Explorer was identified on Friday after the PC of a security researcher from Luxembourg was infected while analyzing a computer server that was used last year to launch a cyber industrial espionage campaign on at least 48 chemical and defense companies.
The victims of the so-called "Nitro" attacks included Fortune 100 corporations that develop compounds and advanced materials, according to security software maker Symantec Corp , which disclosed them in October 2011.
Network security firm AlienVault said on Tuesday it has discovered three other servers that host malicious websites that exploit the newly found Internet Explorer vulnerability.
Jaime Blasco, manager of AlienVault Labs, said he found evidence suggesting they targeted defense contractors. As an example, he said he found a related virus on a site that provides news on India's defense sector.
"It seems that these guys are behind big targets," he said.
Internet Explorer was the world's second-most widely used browser last month, with about 33 percent market share, according to StatCounter. It was close behind Chrome, which had 34 percent of the market.
Until the new software is available from Microsoft, the company advises customers to use a free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, to mitigate the risk of attacks. It is available through an advisory on Microsoft's website:
The EMET software must be downloaded, installed and then manually configured to protect computers from the newly discovered threat, according to the posting from Microsoft. The company also advised customers to adjust several Windows security settings to thwart potential attackers, but cautioned that doing so might impact the PC's usability.
Some security experts have said it would be too cumbersome for many PC users to implement the measures suggested by Microsoft. Instead they advised Windows users to temporarily switch from Internet Explorer to rival browsers such as Google Inc's Chrome, Mozilla's Firefox or Opera Software ASA's Opera.
An H-IIA rocket blasted off at about 2:30 pm (0530 GMT) from the Tanegashima space centre in southern Japan, according to the Japan Aerospace Exploration Agency (JAXA).
Event offers unprecedented chance for continuous observations across country
Turkish Statistical Institute releases results of April survey on Internet usage
A source close to the matter confirmed a New York Times report on Friday that Facebook took the unusual step of creating an app called Colorful Balloons and releasing it through a local company with no hint that the social network was involved.
The iPhone maker is the latest from Silicon Valley to face a conundrum in balancing their value for human rights and free expression against a government intent on controlling online content.
Researchers use CRISPR gene editing to remove mutation that causes heart failure
Equipped with smart ammunition system, Armed Bayraktar TB2 drones hit precise targets during tests on Sunday
Johnson, kicking off a trip to Japan, visited the robotic centre at Waseda University, which works closely with Britain's University of Birmingham on robotic technologies.
Juno spacecraft will get closest look ever at planet’s massive, centuries-old storm
Novel way of serving has attracted a large number of customers to pizza place in northeastern Multan city
Due to be launched in 2018, BepiColombo will be the European Space Agency's first mission to the closest rock to the Sun.
In historic first, company successfully lands cargo capsule also used to resupply ISS in 2014
Push to cloud business could mean thousands of layoffs, sources say
Company will no longer pull data from free Gmail inboxes to personalize ads