Internet Explorer safe to use again after zero-day patch, Germany decides

Summary:The German Federal Office for Information Security is reversing its stance on Internet Explorer, after Microsoft released an update that plugs the recently discovered security hole.

Germany's Federal Office for Information Security (BSI), the agency that looks after IT security for the country's federal government, has given the all clear on using Internet Explorer.

Early last week, the agency advised Germany's computer users to ditch IE after researchers discovered a zero-day vulnerability in IE6 to 9. If exploited, the flaw gave an attacker system access with the privileges of the currently logged-in user.

Germany's Federal Office for Information Security has rescinded a warning not to use Internet Explorer.

However, after Microsoft released an out-of-band-patch for Internet Explorer on Friday, the BSI rescinded its recommendation not to use the browser. After installing the patch, and with the rest of the system up to date, users and companies should be safe to use IE as long as they take the usual security precautions, it said.

"We do not decide which software the end user runs on his system," a BSI spokesman told ZDNet. "However, we issue recommendations or warnings — it's up to the user to decide which product he wants use. When Microsoft released a patch, we released a related statement the same evening. We also broadcast the information over services like our Bürger-CERT."

While it might be easy for users to temporarily move to another browser, such a wholesale switch could present more of a problem for companies and organisations that rely on a strictly defined IT environment. The BSI advocates enterprises not put all their eggs in one browser basket: "Our recommendation is to implement a two-browser-strategy," the spokesman added. Businesses also have the option of using the Enhanced Mitigation Experience Toolkit to protect against security vulnerabilities, but it "is probably too complicated for a home user".

The BSI often talks with tech companies and kept up to date with Microsoft during the whole patch issue. "We communicate on a professional level," the spokesman added.

Topics: Security, Enterprise Software, EU, Microsoft


Moritz is an IT-journalist with more than eight years of experience as an author under his belt. His passion for computers began long before that and new trends like Arduinos and rapid prototyping fascinate him more than ever. So far he has worked with German publications like PC-Welt, ComputerWoche or GameStar, as well as sites like Sear... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.