The US government warned against the usage of Internet Explorer following the revelation of a major vulnerability in the browser, and both the UK and Australian governments have also added their own warnings.
The flaw in question is of the remote code execution variety, meaning that an attacker exploiting it could gain full access rights to the PC in question, and basically take control of the machine and do all manner of potentially nasty things as a result. The US government has advised users to abandon Internet Explorer until the issue is fixed, as we reported yesterday.
And now two more governments have chipped in with their own cautions, according to the Sydney Morning Herald.
The Australian government's Stay Smart Online service issued a statement to say that users could utilise two temporary fixes which Microsoft has suggested to help stay safer – namely deploying the Enhanced Mitigation Experience Toolkit, and switching your browser's Security Zone settings to High. However, it concluded that a "more simple alternative solution" would be to simply install and use a different browser such as Chrome or Firefox.
And the UK's Computer Emergency Response Team (CERT) gave similar advice to Brits, counselling them to consider an alternative browser, and also to ensure that security software is fully up to date, and antivirus definitions are current.
Internet Explorer's reputation is certainly being tarnished through this episode – which is why Microsoft will perhaps now be leaning towards issuing an out-of-cycle fix, and giving this top priority, rather than waiting to deploy a patch in its normal schedule. We shall see...
The vulnerability affects IE versions 6 through 11, and worryingly also hits those using Windows XP – which is of most concern seeing as support for that OS had now ended, so a security patch won't be issued to fix the problem.
For more details on this episode, see our piece on Microsoft's Internet Explorer bugs: How worried should you be?