又是中國人

skyhookii

Calls to ditch Internet Explorer after China hacks

Internet users are being warned off Internet Explorer after it was revealed that recent sophisticated cyber attacks on Google and other businesses exploited a previously unknown flaw in Microsoft's web browser.

Germany's Federal Office for Information Security, or BSI, told Germans to avoid use of all versions of Explorer after the security hole led to hacks against Google and others.

Microsoft confirmed the weakness after Google announced that hackers in China had pried into email accounts of human rights activists. However, the company said that the hole could be closed by setting the browser's internet security zone to "high".

But the BSI insisted that such measures were not sufficient.

"Using Internet Explorer in 'secure mode', as well as turning off Active Scripting, makes attacks more difficult but can not fully prevent them," BSI said in a statement.

Google said last week that in mid-December, it detected an attack on its corporate infrastructure originating from China that resulted in the theft of its intellectual property. It eventually found that more than 20 other companies had been infiltrated.

Security firm McAfee said on Thursday that those who engineered the attacks tricked employees of the companies into clicking on a link to a website that secretly downloaded sophisticated malicious software onto their PCs through a campaign that the hackers apparently dubbed "Operation Aurora".

"We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space," said Dmitri Alperovitch, a vice-president of research with McAfee.

The programs allowed the hackers to take control of the PCs without the knowledge of their users, said McAfee, which has been researching the matter on behalf of several companies involved in the attacks since late last week.

Alperovitch declined to say which companies had hired McAfee, saying they had signed confidentiality agreements.

So far the only other victim to come forward is design software maker Adobe Systems, which has said that it is still investigating the matter.

Some researchers have speculated that the attackers may have exploited flaws in Adobe's Acrobat software and its widely used Reader program for opening PDF documents.

McAfee's researchers said that they found no evidence that was the case.

Still,they said that the hackers might have used other types of malicious software to break into Google and the other companies.

Internet Explorer is vulnerable on all recent versions of the Windows operating system, including Windows 7, McAfee says. Microsoft said attacks had been limited to IE6, an older version of the application.

Link

Basically it has been found out that hackers can retrieve saved passwords on your computer if you use Internet Explorer. Flaws haven't been found in other web browsers such as Firefox, Opera, Chrome or Safari. If you are using IE, please download another browser immediately!

Firefox: http://www.mozilla.com/en-US/products/download.html
Opera: http://www.opera.com/download/
Chrome: http://www.google.com/chrome/eula.html
Safari: http://www.apple.com/safari/download/