French government also warns Internet Explorer users

Just like the German government did last week, the French government via the National Information Systems Security Agency (Agence nationale de la sécurité des systèmes d’information) has also issued an alert, recommending users to switch to another web browser regarding an Internet Explorer’s vulnerability that was exploited to hack Google servers in China.

Here’s a translated version of the warning, provided by Google Translate:

A vulnerability in Microsoft Internet Explorer [6, 7 and 8] allows malicious people to execute arbitrary code remotely.

Temporary Workaround

Pending a patch from the publisher, CERT recommends using an alternative browser. CERT said it is also strongly advised to browse the Internet with a user account with limited rights and the disabling of interpretation of dynamic code (JavaScript, ActiveX, …). Moreover, activation of the DEP (Data Execution Prevention) may limit the impact of this vulnerability.

In case you wonder, Firefox 3.5 is a free web browser available in more than 70 languages for Windows, Linux, and Mac OS X, and the best way to stay away of obscure security threats, while getting a richer, more personal web experience.

A vulnerability in Microsoft Internet Explorer allows malicious people to execute arbitrary code remotely.

4 Description 4 Description

Une vulnérabilité due à une référence à un pointeur non valide permet à une personne malintentionnée d’exécuter du code arbitraire à distance. A vulnerability due to a reference to an invalid pointer allows a malicious person could execute arbitrary code remotely. Des exploitations limitées de cette vulnérabilité ont déjà été constatées. Limited holdings of this vulnerability have been reported.

5 Contournement provisoire 5 Temporary Workaround

Dans l’attente d’un correctif de l’éditeur, Le CERTA recommande l’utilisation d’un navigateur alternatif. Pending a patch from the publisher, CERT recommends using an alternative browser. Le CERTA rappelle également qu’il est fortement conseillé de naviguer sur l’Internet avec un compte utilisateur aux droits limités et la désactivation de l’interprétation de code dynamique ( JavaScript, ActiveX, … ). CERT said it is also strongly advised to browse the Internet with a user account with limited rights and the disabling of interpretation of dynamic code (JavaScript, ActiveX, …). De plus, l’activation du DEP ( Data Execution Prevention ) peut limiter l’impact de cette vulnérabilité. Moreover, activation of the DEP (Data Execution Prevention) may limit the impact of this vulnerability.

4 thoughts on “French government also warns Internet Explorer users”

  1. If IE hang and crashes it’s because you have Windows problems. Get them fixed and IE will run like a rabbit. 🙂

    1. Except on site that use a lot of javascript. At work, the web applications that we develop using pure html/css/javascript run much noticeably faster in Chrome, Safari and Firefox (in that order) compared to Internet Explorer. Our pages load much slower and are far more sluggish in Internet Explorer (7 and 8 – forget 6, it doesn’t even render most of our stuff properly without us having to do css and dom hacks for it, but that’s another rant). We’ve done many side by side comparisons and have consensus that our admins who run our web apps should use anything except Internet Explorer.

Comments are closed.