Exploits to Internet Explorer are nothing new and in fact have been a major issue for most of its lifetime. For years, we have advised folks to stay away from Internet Explorer 
and use more secure browsers such as Firefox and Maxthon. Besides being so problematic, it is also a part of the operating system and repairing it can sometimes be impossible without a complete computer reformat.
The newest exploit that was announced on Sunday affect ever version of Internet Explorer from IE6 to IE11 on Windows Vista and up. Since Microsoft no longer monitors these exploits on XP it is also most likely affected but no patch will be released to that OS to fix the problem. If you are still using XP but you are not using IE then you should be fine. If you are still using IE you need to switch to a different browser immediately and burn the icon that goes to Internet Explorer.
The vulnerability is created by a remote code execution which in turn can exploit the method that IE uses objects that are in memory. This process may corrupt the memory in such a way that an attacker might be able to execute arbitrary code within Internet Explorer.
Most attacks of this nature are exploited by infected websites that are hosted by the attackers. In order to get infected you would have to go to one of these bad websites. In order to get you to an infected website, the attacker may try to entice you to the infected site with specially crafted e-mails or links in social sites such as Facebook.
So far, there have been only limited attacks of this nature and as of this writing a security patch for windows Vista and up has not yet been released.
There are things that you can do to help protect yourself from this exploit. You can use this method on all operating systems including Windows XP. The first step is to up the security settings of your browser. You will want to change your settings for Internet, Local Internet and Intranet to High. To do this in all versions of IE follow these steps:
1. Open Interne Explorer. On the top navigation menu click on TOOLS. In the dropdown box that appears click on Internet Options.
2. Once Internet Properties is open, click on the Security tab. and then choose Internet.
3. Look for the Security Level and change it to High. The security level for all sites you visit will now be set to High. As a note, if you do not see a slider to change the setting, first click on the Default option and then the slider should appear to allow you to change it to High.
4. Next you will want to click on Local Intranet. In the security settings for this area you also want to choose the High setting. This will set the security level for all websites you visit to High.
5. Click the OK button to save all changes and exit the Internet Properties dialog box.
After performing these steps it is important to remember that these settings while protecting you are not without some consequences. Certain websites require Active X in order to function correctly including some banking sites. If a particular site you visit does not work you will have to add it to your trusted sites list. To do this, follow the steps below:
1. On the IE toolbar you again will click the Internet Options link in the dropdown box.
2. Once the Internet Properties dialog box is open click on the Security Tab.
3. You will now see an option that reads Select A Web Content to Specify Its Current Security Settings and then click on Trusted Sites and then on Sites.
4. In the Add box type the name(s) of the website(s) that you want to add and click the Add button after each entry. Continue until you have all your crucial sites listed, especially sites like your banking etc.
5. Click OK once you are done to save all changes and return to Internet Explorer.
If you encounter additional sites in your browsing you need to add, follow the above steps to add them.
I know it sounds like a lot of work but if you want to continue to use IE this is what Microsoft recommends. Even after the patch is released I would keep this same setting to increase your security, especially if you have XP. If you were using XP, I would use these settings even if you were using a third party browser for extra safety. Remember that this vulnerability will remain for the life of your XP computer.
Keep in mind that these settings may require you to more work initially but once all the sites you use are listed in the trusted sites box, you will be good to go and browsing as safe as possible.
As of this writing we do not know if a patch for Windows Vista and up will come as on patch Tuesday or an emergency patch will be released. To avoid this entire configuring process, simply permanently stop using Internet Explorer and use a third party browser such as Maxthon.
Posted By Tech Joe Z And Ross Deprey
Leave a Reply