However, after Microsoft released an out-of-band-patch for Internet Explorer on Friday, the BSI rescinded its recommendation not to use the browser. After installing the patch, and with the rest of the system up to date, users and companies should be safe to use IE as long as they take the usual security precautions, it said.
"We do not decide which software the end user runs on his system," a BSI spokesman told ZDNet. "However, we issue recommendations or warnings — it's up to the user to decide which product he wants use. When Microsoft released a patch, we released a related statement the same evening. We also broadcast the information over services like our Bürger-CERT."
While it might be easy for users to temporarily move to another browser, such a wholesale switch could present more of a problem for companies and organisations that rely on a strictly defined IT environment. The BSI advocates enterprises not put all their eggs in one browser basket: "Our recommendation is to implement a two-browser-strategy," the spokesman added. Businesses also have the option of using the Enhanced Mitigation Experience Toolkit to protect against security vulnerabilities, but it "is probably too complicated for a home user".
The BSI often talks with tech companies and kept up to date with Microsoft during the whole patch issue. "We communicate on a professional level," the spokesman added.