Internet Explorer is under attack again!

 

Microsoft announced this week in a security update that Internet Explorer 9 and earlier versions are vulnerable to attack if a user views a website hosting malicious code.  They have received reports of a small number of targeted attacks and are working to develop a security update to address this issue. 

Glasser Tech recommends downloading and using a different browser.  We suggest either Google Chrome or Mozilla Firefox.  

If you just have to have Internet Explorer as your browser, Microsoft recommends that you do the following:

Deploy the Enhanced Mitigation Experience Toolkit (EMET)
This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites.

Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones.
This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.

CAVEAT:  Putting the local zone into a high-security mode generally comes with some unexpected consequences. Some business applications may not function correctly with that setting because they generally use things like ActiveX scripting.

Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones
This will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.

MIcrosoft also encourages you to make sure your computer is protected by applying all software updates and using anti-virus and anti-spyware software as well as avoid clicking on suspicious links or opening email messages from unfamiliar senders. 

 

 

Glasser Tech Gives Back Referral Program

We have been thinking about a way to give something back.  Not just with regard to our business but with regard to society.   We have come up with a great idea and hope to get you involved. 

It's our new Client Referral Program!

Here's how it works:

• If you know someone that would benefit from our services, we would ask that you give them our name and number and have them give us a call. 

• If they sign on with us as a client, we will give you 10% off your next consulting bill and make a $100 dollar donation to your favorite charity, in your name. 

It's a win-win situation overall.  We get something, you get something and then we pay it forward to someone else.

There's no limit to the number of referrals you may submit. 

Michael Glasser, Glasser Tech LLC (516) 762-0155

Oracle Patches Critical Java Bugs used to Commandeer Computers

 

What is Java?

Java is a programming language and computing platform first released by Sun Microsystems in 1995. It is the underlying technology that powers state-of-the-art programs including utilities, games, and business applications. Java runs on more than 850 million personal computers worldwide, and on billions of devices worldwide, including mobile and TV devices.

Why do I need Java?

There are lots of applications and websites that won't work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to cell phones to the Internet, Java is everywhere!

Why should I update my Java?

Last week, Oracle, the creator of the Java programming framework released a critical security patch that should be installed immediately. A vulnerability was found that allows malicious hackers to take control of a user's computer through the web browser. The malware has been found on more than 100 websites as of this writing.  Unfortunately it took Oracle four months since the discovery of the vulnerability, so it has been propagating on the Internet for some time and has not been contained.  If you have any concerns of whether this vulnerability could affect your firm please contact Glasser Tech at 516-762-0155.

For more information here is a link to the Java Security Alert from Oracle:  http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html