Way to go local news for getting it wrong

On September 19, 2012, in Security, by

My local news tonight said there’s an vulnerability with IE.  … so far so good.

They said the German government said to stop using IE (they did, but they’ve done this before and quite frankly have always been a bit anti Microsoft)

And then they said there was a patch to download on the Microsoft web site.

Gag me with an inaccuracy.  There is no patch, we have to wait for a fixit as well as an update.

And in fact right now the vulnerability is only being used in targeted attacks against defense contractors and others.

http://labs.alienvault.com/labs/index.php/2012/the-connection-between-the-plugx-chinese-gang-and-the-latest-internet-explorer-zeroday/

“It seems the guys behind this 0day were targeting specific industries. We’ve seen that they compromised a news site related to the defense industry and they created a fake domain related to LED technologies that can be used to perform spearphishing campaigns to those industries.”

 

One Response to Way to go local news for getting it wrong

  1. D. from Germany says:

    No, they didn’t!

    The German government did not comment the 0day, the German Federal Office for Information Security (BSI) did. They didn’t recomment to stop using IE, they recommended to temporarily use a different browser unil the issue is resolved. Further, they never wrote anything about a patch.

    And in my opinion the German government, or BSI are not anti-Microsoft. It just raises difficulties if you apply US terms of services (etc.) in foreign legislation. What do you expect?