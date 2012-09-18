* Move comes after Microsoft warns of bug in browser
* German gov't says hackers using bug to launch attacks
* Microsoft plans to release fix within next few days
* Researcher says attacks seem to target defense contractors
By Harro Ten Wolde and Jim Finkle
FRANKFURT/BOSTON, Sept 18 The German government
urged the public on Tuesday to temporarily stop using Microsoft
Corp's Internet Explorer following discovery of a
yet-to-be repaired bug in the Web browser that the software
maker said makes PCs vulnerable hacker attacks.
It issued the warning as a researcher said he found evidence
that suggests the hackers who exploited the flaw were seeking to
attack defense contractors.
Microsoft said on Monday that attackers can exploit the bug
in its Internet Explorer, used on hundreds of millions of
computers, to infect the PC of somebody who visits a malicious
website and then take control of the victim's computer.
The German government's Federal Office for Information
Security, or BSI, said it was aware of targeted attacks and that
all that was needed was to lure Web surfers to a website where
hackers had planted malicious software that exploited the bug.
"A fast spreading of the code has to be feared," the German
government said in its statement.
BSI advised all users of Internet Explorer to use an
alternative browser until the manufacturer has released a
security update.
Officials with Microsoft did not respond to a request to
comment on the move by the German government, although the
company downplayed the impact of the flaw in a written
statement.
"There have been an extremely limited number of attacks,"
said company spokeswoman Yunsun Wee. "The vast majority of
Internet Explorer users have not been impacted."
The company said it planned to release software to protect
PCs from attack within the next few days. Customers must
manually install the code by visiting Microsoft's website and
clicking on a link.
Microsoft did not say how long it will take to release a
full update to Internet Explorer, which will automatically be
loaded onto the machines of most customers. Several security
researchers have said they expect the update within a week.
'NITRO' LINK
The vulnerability in Internet Explorer was identified on
Friday after the PC of a security researcher from Luxembourg was
infected while analyzing a computer server that was used last
year to launch a cyber industrial espionage campaign on at least
48 chemical and defense companies.
The victims of the so-called "Nitro" attacks included
Fortune 100 corporations that develop compounds and advanced
materials, according to security software maker Symantec Corp
, which disclosed them in October 2011.
Network security firm AlienVault said on Tuesday it has
discovered three other servers that host malicious websites that
exploit the newly found Internet Explorer vulnerability.
Jaime Blasco, manager of AlienVault Labs, said he found
evidence suggesting they targeted defense contractors. As an
example, he said he found a related virus on a site that
provides news on India's defense sector.
"It seems that these guys are behind big targets," he said.
Internet Explorer was the world's second-most widely used
browser last month, with about 33 percent market share,
according to StatCounter. It was close behind Chrome, which had
34 percent of the market.
Until the new software is available from Microsoft, the
company advises customers to use a free security tool, which is
known as the Enhanced Mitigation Experience Toolkit, or EMET, to
mitigate the risk of attacks. It is available through an
advisory on Microsoft's website:
The EMET software must be downloaded, installed and then
manually configured to protect computers from the newly
discovered threat, according to the posting from Microsoft. The
company also advised customers to adjust several Windows
security settings to thwart potential attackers, but cautioned
that doing so might impact the PC's usability.
Some security experts have said it would be too cumbersome
for many PC users to implement the measures suggested by
Microsoft. Instead they advised Windows users to temporarily
switch from Internet Explorer to rival browsers such as Google
Inc's Chrome, Mozilla's Firefox or Opera Software ASA's
Opera.