The German government has taken an unprecedented step for national cyber-security: it warned its citizens to stop using Internet Explorer, the default browser shipped with Microsoft Windows.
Germany took this unusual official step a day after it emerged that there was a massive “zero-day” Internet Explorer bug that was actively being exploited by hackers. The Internet Explorer bug affects all popular versions of Internet Explorer (IE)—7, 8 and 9—across all versions of Microsoft Windows in use.
A “zero day” attack refers to a cyber-attack that happens on the first day a vulnerability is exposed, or even prior to public knowledge of that vulnerability. Zero-day exploits are usually uncovered only by expert researchers or hackers with advanced computing and reverse-engineering knowledge—or access to source code.
Microsoft published a security advisory recommending users to disable and turn off “ActiveX” extensions, and install their Enhanced Mitigation Experience Toolkit (EMET).
The vulnerability is reported to be tied to the Java programming language and virtual machine that runs Java programs. PCWorld quoted an expert from Symantec’s Security Response team as saying that the Internet Explorer “exploit was found on the same servers being used as part of “Nitro” attacks.” Symantec also said that the initial “Nitro” cyber-attacks had “initially targeted companies in the chemical industry” and that the hackers “had ramped up their efforts with several new techniques and a Java zero-day vulnerability.”
‘Large State Actor’: Chinese Regime’s Hand?
The “Nitro” cyber-attack earlier this year used social engineering and other techniques to attack computers owned by Tibetans, and a “large state actor” was named as being responsible for the attack. Trend Micro, another cyber-security company, posted a detailed description earlier this year about the Nitro cyber-attacks, which was reported to be able to take over the microphone and web camera of infected computers.
The hackers behind the Nitro cyber-attack and the IE attack were also reported to be recently involved in the more high-profile “zero day” Java vulnerability attack, according to ThreatPost. The Java attack reported back to command-and-control servers located in mainland China.
The only combination of IE and Windows that is immune to the attack is Internet Explorer 10 on Windows 8—which has yet to be released and is still in beta. But even IE 10 is vulnerable to Adobe Flash vulnerabilities, since it ships by default with an older version of Flash.
Windows 8 will be released later this year and will mark Microsoft’s first official foray into tablets.