Sophos raises threat level as Microsoft readies IE fix

  • Zero day threat impacts most versions of Windows
  • German Government advises users to stop using Internet Explorer

EXPERTS at SophosLabs have raised their threat level to "High" in response to an as-yet unpatched security vulnerability in Internet Explorer.

The zero day threat, which was uncovered at the weekend and impacts most versions of Windows, has already resulted in the German government advising users to stop using Internet Explorer.

The rise in the SophosLabs threat barometer comes in response to in-the-wild detections that the team has seen in attacks exploiting the CVE-2012-4969 vulnerability in Microsoft's popular web browser, SophosLabs said in a statement.

SophosLabs defines various threat levels from "Low" to "Critical", based upon the prevalence of malware, spam and web threats, and intelligence regarding new vulnerabilities.

Judged on its own, SophosLabs rates the Internet Explorer vulnerability as critical - but the seriousness of the threat has its experts rating the threat level on the Net as a whole as "high".

At the time of writing, Microsoft has only published details of temporary workarounds to reduce the chances of computers being exploited by the vulnerability, but it's clear that the ideal solution would be an official patch for Internet Explorer.

Sophos raises threat level as Microsoft readies IE fixThe good news is that Microsoft is working on a fix.

Yunsun Wee (pic), a communication director at the Microsoft Security Response Center, has said that the company plans to release a "Fix It" within the "next few days".

"The Fix it is an easy-to-use, one-click, full-strength solution any Internet Explorer user can install. It will not affect your ability to browse the Web, and it will provide full protection against this issue until an update is available. It won't require a reboot of your computer," she said.

If you can't wait for a fix, or if you don't like Microsoft's suggested mitigation workarounds, then the only sensible option is to use another browser, SophosLabs said, noting however that this is not an easy option for companies in particular to take.

 

 
Keyword(s) :
 
Author Name :
 
Download Digerati50 2020-2021 PDF

Digerati50 2020-2021

Get and download a digital copy of Digerati50 2020-2021