Germany, France Advise Users to Avoid Microsoft Browser

ByStander

German and French officials warned people against using Microsoft Corp.'s Internet Explorer Web browser because of a security hole that hackers are believed to have exploited in recent attacks on Google Inc. and other companies.

But Microsoft challenged the recommendations from German and French government agencies to switch to alternative browsers, saying customers should instead upgrade to the latest version of its browser, Internet Explorer 8.

Germany's Federal Office for Information Security, known by its German initials, BSI, advised "temporary use of alternative browsers" because of a "critical security hole" in Microsoft's software that allows hackers to remotely plant and run malicious code on Windows PCs.

France's CERTA agency separately recommended the use of alternative browsers until a corrected version was available from Microsoft.

Microsoft said last week that hackers used a security vulnerability in its browser in an attack on Google and others and said it was working with Google to investigate the issue.

Microsoft on Monday confirmed the technical details in the French and German advisories but said the company doesn't agree with their recommendations to switch browsers.

"It is important to note that all software has vulnerabilities and switching browsers in an attempt to protect against these, highly publicized but currently limited attacks can inadvertently create some false sense of security," Microsoft said.

A Microsoft spokeswoman reiterated an earlier recommendation by Microsoft that users reduce the risk of the security threat by upgrading to Internet Explorer 8, which she said includes security precautions that make exploiting the vulnerability more difficult than on other versions. Microsoft says malicious code created to exploit the vulnerability has been effective only against an older version of its browser, Internet Explorer 6.

Microsoft has recommended that users of Internet Explorer 6 adjust the security settings in the browser to "high" so that the software prompts them before running potentially harmful programming code on Web sites.