Thursday, December 18, 2008

Internet Explorer Alert

I feel compelled to post this to inform those who may not know about a ongoing issue with Internet Explorer. Experts are warning people to stay away from IE until this issue is resolved! And if you operate or even enter any site using a password take note! Some of you know I have had to battle hackers from time to time. Just last week another attempt was made to hack into one of my websites--by trying to use an old php file I rendered null and void. They also look for js files (java scripts) to hijack and spawn trash. To me, it's tantamount to someone vandalizing a car for glory and exclaiming "aint I pretty?" To which I say, "no, you look like an ugly thug to me". But back to the point. Internet Explorer has another security breech, and this one appears to be quite serious. I myself will not be using IE to log into my sites or blog until the issue is adequately resolved--and I sure would not use it to log into sites to do financial transactions of any kind (Paypal, shopping, etc.)! I often use Mozilla, and I actually prefer it to IE because I have dial up internet access; and Mozilla speeds things up a bit. However, for routine surfing--without using a password for anything, I gather IE would be least hopefully. The article below from a security expert:


Major flaw revealed in Internet Explorer; users urged to switch

The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.

Virtually all security experts (as well as myself) are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds. (Some reports state, however, that the fixes do not actually work.)

Expedient patching or switching are essential. Security pros fear that the attack will soon spread beyond the theft of gaming passwords and into more criminal arenas, as the malicious code can be placed on any website and can be adapted to steal any password stored or entered using the browser. It's now down to the issue of time: Will Microsoft repair the problem and distribute a patch quickly enough to head off the tsunami of fraud that's about to hit or will it come too late to do any good?

Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as soon as you can. You can always switch back once the threat is eliminated. (To clarify: You don't need to uninstall IE, just don't use it for the time being.)

Links for other browsers to try: Firefox Chrome Safari Opera

See also: Microsoft To Patch Giant IE Bug