Get the latest tech news How to check Is Temu legit? How to delete trackers
TECH
U.S. Department of Homeland Security

Internet Explorer flaw not yet patched

Elizabeth Weise
USATODAY
Windows Internet Explorer is being targeted by hackers.

SAN FRANCISCO — No word yet on when a fix for a recently-discovered security flaw in Internet Explorer might be available. The flaw led the U.S. Department of Homeland Security on Monday to advise Americans to switch to a different browser until it's corrected.

Microsoft, which makes Internet Explorer, had not posted any new news about the problem since Saturday.

Other nations, including the United Kingdom and Sweden, are making the same suggestion.

"Users should also consider using alternative browsers, such as Google Chrome and Mozilla Firefox; and ensure that their antivirus software is current and regularly updated," the United Kingdom's National Computer Emergency Response Team said in its advisory.

Microsoft says it is aware of only "limited, targeted attacks." So far no large-scale problems have been reported.

The security problem has meant going in and disabling Adobe Flash on the computer networks of many of his clients, said Jerry Irvine, the chief information officer at Prescient Solutions, a Chicago-based IT company.

While not difficult to do, it has disrupted some companies that use Flash-based streaming video for communications.

"It could be Webinars, it could be training programs," Irvine said.

The security flaw allows attackers to slip malicious code into an innocuous website, using a compromised Adobe Flash file.

When a victim visits the tainted website using any of the Internet Explorer web browsers versions 6 through 11, the attackers are able to gain full user rights over the victim's computer — and potentially all information on it.

While Microsoft is expected to issue a patch for the problem soon, there will be no patch for the millions people who still run Microsoft's Windows XP operating system. The operating system was first released in 2001 and Microsoft officially stopped supporting it on April 8, 2014. That means no more security updates.

According to some studies, 76% of companies continue to run at least one computer using Windows XP.

Many of Irvine's clients have moved to another browser for now. But he doesn't think Internet Explorer in and of itself is a problem.

"It's a great application. It's a bug that's going to be fixed," he said. "Every application out there today has some level of vulnerability or risk and needs to be constantly monitored and updated."

Featured Weekly Ad