The U.S. Department of Homeland Security is advising Americans not to use Microsoft Corp.'s Internet Explorer Web browser due to a security flaw that came to light over the weekend, USA Today reported.
The bug was announced on Saturday by FireEye Research Labs, a California-based Internet security software company.
The department recommends that users and administrators use a different Web browser until an update is available.
The security flaw allows hackers to get around security protections in the Windows operating system. Users' computers then can be infected when visiting a compromised website. The hackers inject their code into common websites, and then hidden code on the site infects users.
The hack uses a corrupted Adobe Flash file to attack the victim's computer, meaning users can also avoid the bug by turning off Adobe Flash.
The bug affects all versions of Internet Explorer 6 through 11, and is currently targeting Internet Explorers 9 and 10, FireEye said.
According to this Forbes article, Microsoft, in a statement, said "an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights."
The vulnerability is a 'zero-day' threat, meaning that the first attacks were made before Microsoft was aware of it. FireEye also revealed that a hacker group has already been exploiting the flaw in a campaign that targets U.S. military and financial institutions.
Editor's Note: What browser should you use?
Primarily there are two other popular browsers that can be downloaded for free - Google Chrome and Mozilla Firefox. There are others, but these are two of the safest and most utilized browsers. My personal preference is Google Chrome and it is what our newsroom currently uses. Download Chrome | Download Firefox
- Chris Conetzkey, editor of the Business Record