Last Friday, the CERT published a statement proposing an alternative browser. The CERT makes French citizens aware of a security hole in Microsoft’s browser that is still unpatched. Until Microsoft offers an update, the online community should use a different browser.
The French CERT warns about Internet Explorer versions 6, 7 and 8, while Microsoft has up to now only seen successful attacks using Internet Explorer 6. They have officially confirmed the IE hole and is working on a patch that might even be published as extraordinary “Emergency Patch”. Basically versions 7 and 8 are affected as well, but enhanced security measures seem to make the attack much more complicated, if not impossible. Microsoft advises users to set the security mode to “High” and to use Internet Explorer’s “Safe Mode.”
Among others the still unpatched security hole in Internet Explorer has been used for attacks toward Google and many more companies. The attack seems to originate from the Chinese government.