F-Secure advises disabling IE

Due to 0-day vulnerability, F-Secure recommends disabling Internet Explorer.

The versions 6, 7 and 8 of Internet Explorer are affected by a fault in operation immediately. An exploit has also been integrated into the Metasploit framework and has the particularity to circumvent the protections DEP and ASLR in Windows 7. 

Because of this vulnerability, F-Secure does not compromise and advises to divert the popular browser in order to avoid any trap set in the context of a Web-based attack. To this end, the Finnish security firm recalls with Windows 7, which should have acquired new users at Christmas, it is possible to disable some Windows features (via the control panel program) and Internet Explorer is part of the lot. Note however that the Internet Explorer Version 9 is not affected by that vulnerability. 

Attached to the National Security Agency Information Systems, the CERTA (Centre of expertise for government response and processing of computer attacks) for its part recommends several actions pending a fix . Disabling JavaScript, the rollout of EMET or use an alternative browser.

Using an alternative browser is finally a recommendation for frequent CERTA. Such advice is lavished whatever the browser in question, insofar as a serious flaw is waiting to fix.


Please enter your comment!
Please enter your name here