We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,714 News Articles

France joins Germany in Internet Explorer boycott

Microsoft faces pressure to release patch

The French government has joined Germany in advising web users to avoid all versions of Microsoft's Internet Explorer (IE) until a serious security flaw is fixed in the browser.

The German Federal Office for Information Security (BSI) warned users against using versions 6, 7 and 8 of the browser until Microsoft patched the vulnerability referred to Microsoft in advisory 979352, the remote execution security hole believed to be connected to recent high-profile attacks on Google servers which saw the search giant threaten to quit China.

Now the French Centre d'Expertise Gouvernemental de Réponse et de Traitement des Attaques informatique has issued its own terse warning to the same effect.

As with the German government before it, Microsoft's optimistic idea that users can avoid the issue by tweaking their browser to the maximum security level appears to have cut little ice with the French.

This is turning into to be Internet Explorer's darkest week ever. In the space of a few days, a flaw in IE has been blamed for a hack that not only affected Microsoft's rival Google, but which also affected several dozen other companies in the US, was incorrectly pinned on Adobe's PDF Reader by iDefense, and ended up causing an historic row between the Chinese authorities and Google.

On top of all this came last week's publication of the attack code, leaving Microsoft to withdraw red-faced to work out a fix before the situation causes more high-profile problems.

Now nation states are now ganging up against the browser, leaving Microsoft's proposed browser tweak looking like a counsel for the naive.

"These were not attacks against general users or consumers," said Microsoft Germany spokesman, Thomas Baumgaertner, doing his level best to defend the browser.

The attacks were the work of "highly motivated people with a very specific agenda."

Unfortunately, because the attack code is now in the public domain, and because the flaw allows criminals a large degree of control over the compromised system, there is now a serious risk that ordinary computer users will face attacks in the coming days, whether they set IE to the highest security setting - which inconveniently happens to b lock some innocent sites - or not.

Some commentators have warned against over-reaction.

"But switching rashly away from Internet Explorer might be a mistake. Some users may be unfamiliar with a different browser and cause support problems, and some web-based applications may not work at all if you're not using Internet Explorer," said Graham Cluley of Sophos.

"Switching browsers only makes sense if you really know what you are doing with the browser you are swapping to. It may very well be a case of 'better the devil you know'."

Microsoft's next scheduled Patch Tuesday on 9 February, but an earlier issue is now looking possible. Microsoft was unavailable for comment.

Techworld

Broadband speed test

PC security advice

See also: Google considers insider job over China attack


IDG UK Sites

Samsung Galaxy Tab S 8.4 review: The best iPad mini and Nexus 7 rival tablet around

IDG UK Sites

Which Mac? Complete Apple Mac buyers guide for 2014

IDG UK Sites

Mobile email is powerful and useful - but also hopelessly intrusive

IDG UK Sites

Samsung lights up London skyline with Midnight Rainbow