How scary is the latest Internet Explorer security vulnerability? Even the U.S. government says not to use IE until the browser is fixed.
The flaw, which affects Internet Explorer versions 6 and up, allows bad guys to gain complete access to a PC via a malicious website. Dubbed “Operation Clandestine Fox” by the security firm FireEye, the threat is real. And dangerous.
The U.S. Department of Homeland Security doesn’t issue security alerts for computer software very often, but this time, it made an exception. Many agencies within the U.S. government use versions of IE.
Homeland Security recommends that users or administrators “enable Microsoft EMET where possible” and to “consider employing an alternative web browser until an official update is available.”
That’s good advice. Microsoft’s next schedule “Patch Tuesday” isn’t until May 13, although the company may push out an unscheduled update earlier. If you’re using an unsupported version of Windows — like Windows XP — don’t expect to get any updates.
For Windows XP users, the best course of action is to move to Google Chrome or Mozilla Firefox now.