Microsoft's Internet Explorer (IE) Web browser has been hit by serious bug, which makes users vulnerable to 'drive-by install' events – installation of malicious software (malware) without user's knowledge. That means you do not need to click on a web URL to initiate drive-by install event. And once malware is installed on your machine it can remotely be controlled by others. Microsoft claims that malware gets installed through an URL which comes in an email from known sender and target website is similar to one you have been visiting.
The bug was initially found by a group of hacker in a cyber assault named as 'Operation Clandestine Fox'. By taking advantage of IE bug, the hackers have already attacked some critical U.S. financial firms. IE versions 6 through 11 have been affected by the bug. However, versions 9 and higher are more vulnerable to cyber attacks.
According to an estimate, 50-55% PC users have Internet Explorer as their web browser and are highly vulnerable to cyber attacks. Consequently, the U.S. Department of Homeland security had to issue an advice that people should not use Internet Explorer Web browser until Microsoft finds a fix to the bug. "We are currently unaware of a practical solution to this problem" – Department of Homeland Security.
Following are few actions which you can take to keep you cyber life safe;
- Immediately Stop using Internet Explorer
- Enable firewall on PC computer
- Install and update antivirus
- Install latest windows updates
- If possible, upgrade Windows XP to higher versions
- Switch to Google's Chrome, Forefox or Safari
- Do not blindly click links sent in emails - first ensure identity of the sender