Microsoft announced this week in a security update that Internet Explorer 9 and earlier versions are vulnerable to attack if a user views a website hosting malicious code. They have received reports of a small number of targeted attacks and are working to develop a security update to address this issue.
Glasser Tech recommends downloading and using a different browser. We suggest either Google Chrome or Mozilla Firefox.
If you just have to have Internet Explorer as your browser, Microsoft recommends that you do the following:
Deploy the Enhanced Mitigation Experience Toolkit (EMET)
This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites.
Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones.
This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
CAVEAT: Putting the local zone into a high-security mode generally comes with some unexpected consequences. Some business applications may not function correctly with that setting because they generally use things like ActiveX scripting.
Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones
This will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
MIcrosoft also encourages you to make sure your computer is protected by applying all software updates and using anti-virus and anti-spyware software as well as avoid clicking on suspicious links or opening email messages from unfamiliar senders.
No comments:
Post a Comment