Wednesday, 20 January 2010

Internet Explorer insecurities

Last week Google announced that it was considering pulling out of China following the discovery that hackers had been attempting to access the Google Mail accounts of some Chinese Human Rights activists. Google believed that such hacks were condoned by the Chinese government. (Why Google was in China in the first place, given that it had to agree to strict censorship rules imposed by the Chinese govt, is another story. Google's corporate motto is "Don't Be Evil".)

It has now come to our attention that it has been suggested that the hack was enabled through security vulnerabilities which exist in Microsoft's Internet Explorer (IE) - the most widely used browser of the internet. So serious are these vulnerabilities that the German, French and Australian governments have issued guidance that their citizens should avoid using IE.

Other browsers are freely available and most are considered faster and more secure than IE; such as Firefox, Google Chrome, Opera and Safari.

Microsoft initially claimed that these vulnerabilities only existed in older versions of IE and that users of IE8 (the latest version) were not affected. However, they do intend to rush out a patch for this particular vulnerability; indicating that they see this as an exceptionally serious threat to their dominant position on the internet.

The IT Dept has been using FireFox for several years, in line with most other IT companies.

Michael D

21st Jan 2010 - Update

Microsoft has now announced it is to release a series of patches to cover this vulnerability - and has also admitted that other Microsoft products could be affected, such as Word, Excel, PowerPoint or Access.

Users shouldn't panic though. Such exploits still tend to rely upon the user activating a virus of some sort by opening a rogue attachment in an email or by visiting a hacked web site. Be as wary as always of opening attachments that seem odd and don't go to strange web sites.

© Michael Donkin 2010