Germany's community adviced to not use Internet Explorer [it's Hacked by China]

Microsoft has admitted that its Internet Explorer was a weak link in the recent attacks on Google's systems that originated in China. Монгол Англи 2 роор бичсэн.

Published from BBC News [BBC news ээс хийгдсэн]

In English

The firm said in a blog post on Thursday that a vulnerability in the browser could  allow hackers to remotely run programs on infected machines.

Following the attack, Google threatened to end its operations in China.

Microsoft has released preliminary guidance to mitigate the problem and is working on a formal software update.

So far, Microsoft "has not seen widespread customer impact, rather only targeted and limited attacks exploiting Internet Explorer 6".

"Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," said Microsoft's director of security response Mike Reavey in the post.

'Unfortunate'

Security firm McAfee told news agency AFP that the attacks on Google, which targeted Chinese human rights activists worldwide, showed a level of sophistication above that of typical, isolated cyber criminal efforts.

McAfee's vice-president of threat research Dmitri Alperovitch told AFP that although the firm had "no proof that the Chinese are behind this particular attack, I think there are indications though that a nation-state is behind it".

The recent spate of attacks was alleged to have hit more than 30 companies including Google and Adobe, but security firms have since said that such invasions are routine.

Mr Reavey echoed this in the post.

"Unfortunately cyber crime and cyber attacks are daily occurrences in the online world. Obviously, it is unfortunate that our product is being used in the pursuit of criminal activity. We will continue to work with Google, industry leaders and the appropriate authorities to investigate this situation."

Монголоор

Одоогийн байдлаар Хятадаас үүсэлтэй халдлагад Google-тэй нийлээд АНУ-ын 34-н компани өртсөн гэдгийг мэргэжилтнүүд тогтоогоод байгаа юм байна. Энэ халдлагыг хэрэгжүүлэхэд Microsoft компанийн Internet Explorer веб хөтөчийн алдааг (өөр бусад аргын хажуугаар) ашигласан бөгөөд Microsoft компани үүнтэй холбогдуулан анхааруулга гаргажээ.

Microsoft Security Advisory (979352)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: January 14, 2010 | Updated: January 15, 2010
http://www.microsoft.com/technet/security/advisory/979352.mspx

Энэ анхааруулгын дагуу Microsoft Windows 2000 SP4 үйлдлийн систем дээр ажиллаж байгаа Internet Explorer 6 SP1 болон Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2(!) үйлдлийн систем дээр ажиллаж байгаа Internet Explorer 6, 7, 8(!) хувилбарууд цоорхойтой бөгөөд халдлагад өртөх боломжтой юм байна.

Өөрөөр хэлбэл, Microsoft Windows дээр Internet Explorer программын ямар ч хамаагүй хувилбар ашиглаж л байгаа бол халдлагад өртөх бүрэн боломжтой болчихоод байгаа юм байна.

Энэ цоорхойг Microsoft нөхөж хаатал Microsoft Internet Explorer веб хөтчийг ашиглахгуй байхыг ХБНГУ-ын Мэдээллийн аюулгүй байдлын төрийн албанаас (ойролцоо орчуулга) зөвлөсөн байна.

Kritische Sicherheitslьcke im Internet Explorer
BSI empfiehlt die vorьbergehende Nutzung alternativer Browser
Bonn, 15.01.2010
https://www.bsi.bund.de/cln_183/ContentBSI/presse/Pressemitteilungen/Sicherheitsluecke_IE_150110.html