The Vulnerability of Internet Explorer
1 · AUG ·2014
Microsoft’s Internet Explorer is the most popular Internet browser in the world, however over the years it has lost a number of users to competitors such as Firefox, Chrome, Safari and Opera. Unfortunately, Microsoft has not been able to keep up when it comes to plugins and features for Internet Explorer, and recent news has also suggested that it is also more prone to hackers than any other browser.
Earlier this week AlienVault Labs reported that hackers have been exploiting vulnerabilities in Internet Explorer in order to gain information concerning virus programmes. Its director, Jaime Blasco, said: “They collect information through Internet Explorer on the software running on the machine to determine which software can be attacked in the future. The hackers also share details of web server and computer vulnerabilities with others inside the community. By knowing what security software is installed, the hackers can determine if their attack is going to work.
“That way they will only attack a computer they know is vulnerable and avoid alerting security companies to their presence. We’ve seen it from different groups in China, targeting the US defence department and government employees, but we’re also seeing this kind of technique used more and more often. In the beginning we only saw these techniques being used by very skilled attackers, but in the past few months we’ve seen regular cybercriminals adopt them too. Regular cybercriminals are learning from the highly skilled.”
Earlier this year Microsoft released a number of patches for Internet Explorer, however it seems that they have not been able to stop cybercriminals from taking advantage of its faults. Discussing the issue, a spokesman for Microsoft said: "We’re aware of the reported issues, one of which has been addressed in newer versions of Internet Explorer. Each version of Internet Explorer is more secure than the last and contains new and improved security features that help protect customers. We are actively investigating the other issues and continue to recommend customers upgrade to the latest modern browser, Internet Explorer 11.”
Even though Microsoft is confident that they can fix the issues within Internet Explorer, it may be too late as a number of companies and industry experts are already advising users to switch to more secure browsers such as Chrome. Blasco said: “Chrome is designed with security in mind. It has a suite of security features in place that means that even if attackers find a hole in one layer they have to bypass other security measures that are in place.” Meanwhile, computer security specialists Bromium Labs said: "The notable aspect for this year thus far in 2014 is that Internet Explorer was the most patched and also one of the most exploited products, surpassing Oracle Java, Adobe Flash and others in the fray.
“Bromium Labs believes that the browser will likely continue to be the sweet spot for attackers." However, even though fewer individuals are likely to use Internet Explorer in the future, businesses – especially companies that specialise in creating websites and online software – still need to ensure that their products are usable on the browser. This means that they need to tackle the issue of security when it comes to IE by utilising advanced firewall and anti-virus software. Unfortunately, individual users tend to purchase anti-virus software that is regularly targeted by cybercriminals and therefore can be hacked with ease, however businesses are able to have more robust systems in place.
As all Microsoft computers automatically come with Internet Explorer as their default browser, it is important that both individuals and businesses protect themselves against the threats posed by cybercriminals. This can be achieved by installing advanced anti-virus software, regularly running scans on your computers in order to check for viruses, and utilising other browsers such as Chrome or Safari if you are concerned that your business or personal computer is a potential target for cybercriminals.