As reported previously, Germany's BSI caused a stir in internet security waters when it advised that Internet Explorer was flawed and, as a result, advised German internet users to switch to other browser clients.
Yesterday afternoon saw CERTA, the French agency responsible for managing and protecting against cyber threats issue a bulletin, noting that that all versions of Internet Explorer were affected by the security flaw, and recommending that people use an alternative browser.
This latest salvo in Microsoft's direction has been met by surprise from several quarters, most notably from Graham Cluley, a senior technology consultant with Sophos, who said that internet users should only switch browsers if they are confident they know what they're doing. Cluley said that, unless users know what they are doing with their new browser client, it might be a case of "better the devil you know."
Every browser, he explained, has its security issues, so switching may remove this current risk but could expose you to another. "My guess is that Microsoft will be working hard to release an out-of-band patch for the vulnerability", he explained. "They will be keen to fix the serious security problem before more damage is done to Internet Explorer's reputation."
In a blog posting made last night, Cluley said: "Remember – if your IT department doesn't already formally support an alternative browser, and if your users aren't already familiar with the other browser, you may be causing more problems than it's worth by summarily switching browsers."
"You may also have web-based applications that don't work well, or even at all, unless they are accessed with Internet Explorer. That's not going to be good for productivity."
"And finally, what if your replacement browser itself turns out to contain a vulnerability? Are you going to switch again?"