Hackers are using security flaws in Microsoft’s Internet Explorer to search computers, discover what type of security software is being run, and take control of machines. These exploits are occurring on enormous scales—across companies, servers and individual users—and without user knowledge, exposing serious holes in Internet Explorer’s security.
Criminals that perform these searches are able to intelligently attack machines, with knowledge of just how well their attack will perform. They look for both security software on the machines, and vulnerable spots like PDF readers or certain user applications through which computers can be taken control of. The gaps in security for Internet Explorer allow these hackers to set effective traps for computer owners to fall into. In the past only very skilled hackers used these techniques, but they have now expanded into the skill set of more everyday cybercriminals as well.
Since Internet Explorer is so tightly integrated into Microsoft Windows software, it is more prone to cyber attacks and data invasion than third-party browsers such as Google Chrome or Mozilla Firefox. Microsoft has consistently tried to patch and update the browser, but it has remained vulnerable; experts now recommend moving on from Internet Explorer to those safer third-party browsers.
Jaime Blasco, director of AlienVault Labs security firm, said in a statement, “By knowing what security software is installed, the hackers can determine if their attack is going to work. That way they will only attack a computer they know is vulnerable and avoid alerting security companies to their presence.”
The potential dangers within Internet Explorer are making it an increasingly undesirable option among browsers—keep your computer safe from unwanted attention by trying something new.
Edited by Alisen Downey