Microsoft learns that IE users are vulnerable to hacker attacks because of a security flaw in the browser. Plus, AOL warns its email users to change their passwords after a cyberattack.
Cybersecurity is a hot topic right now, and this week has brought bad news for users of both Internet Explorer and AOL.
A serious security flaw in Microsoft’s Internet Explorer Web browser allows hackers to hijack computers. According to National Public Radio, this has prompted the Department of Homeland Security to advise Americans to stop using IE now, until a fix can be found.
This isn’t a theoretical threat, NPR said:
The vulnerability, the United States Computer Emergency Readiness Team says, has already been exploited in the wild. Essentially, all a user has to do to become a victim is view a “specially crafted HTML document,” which means a Web page or even a rich email or attachment.
“We are currently unaware of a practical solution to this problem,” CERT said.
You can protect yourself by using another browser, like Mozilla Firefox or Google Chrome, or by disabling Adobe Flash, NPR said.
Krebs on Security discusses other options here.
Microsoft is working on a patch for supported versions of IE, PCWorld said. But if you’re still using Windows XP, you’re out of luck. Microsoft ended support of the 13-year-old operating system on April 8. PCWorld said it recommends switching Web browsers immediately.
Google has promised to support the XP version of Google Chrome until April 2015, while Mozilla has yet to announce a Firefox end-of-support date for XP. Should a vulnerability hit either of those browsers on XP it will be patched, unlike IE.
In other cybersecurity news, after receiving notification that hackers accessed its computer networks, AOL is investigating a security threat that has affected about 2 percent of its users. The Washington Post said:
Those who use AOL’s mail service may have had their email address, postal addresses and address book information compromised. Hackers also obtained encrypted versions of users’ passwords and security questions. AOL said it has “no indication” that the encryption was broken.
If you use AOL, it is recommended that you immediately change your passwords and security questions.