Iowa State University

ITInformation Technology

Internet Explorer Security Flaw; Consider Switching Browsers

This news item expired May 2, 2014. It may contain out-of-date information.

A serious security flaw has been discovered in the Internet Explorer (IE) web browser, and ITS advises using an alternate browser until Microsoft releases a patch. If you are currently using IE for eData, you may continue to do so, although Firefox and Safari are also supported and strongly encouraged while this vulnerability exists.

This vulnerability applies to Internet Explorer versions 6 through 11 on all versions of Windows. You should use an alternate browser (Chrome or Firefox) for any website that does not specifically require Internet Explorer, at least until Microsoft releases a patch.

Alternate browsers can be downloaded from their respective websites, or contact your department IT coordinator or the Solution Center for assistance with installing another browser.

Internet Explorer 8 will not be fixed on Windows XP. "Because of this, we recommend that you switch to Chrome or Firefox on XP machines unless a website specifically demands Internet Explorer," said Jeff Balvanz, IT systems analyst who works on security issues.

"For those people using Windows Vista and newer, this is a temporary crisis," Balvanz said. Microsoft will fix the vulnerability in Internet Explorer and they can go back to using IE. However, Microsoft has not yet announced when that fix will come; it may be several weeks.

For more information about the IE vulnerability, see the Microsoft TechNet article, the CERT Cybersecurity article, or contact Jeff Balvanz.