Microsoft IE Alert

Post details here of scams you have discovered or hassles you have experienced.<br>
10+ posts are required to post in this section.

Moderators: DJKeefy, 4u Network

User avatar
HEPZIBAH
Top Member
Top Member
Posts: 664
Joined: Fri Dec 05, 2008 2:15 am
Location: Uk
Has thanked: 12 times
Been thanked: 7 times
Gender:
United Kingdom

Microsoft IE Alert

Post by HEPZIBAH »

Serious security flaw found in IE

From the BBC News

Internet Explorer is used by the vast majority of the world's computer users
Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.

Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.

Internet Explorer is used by the vast majority of the world's computer users.

It's a shame Microsoft have not been able to fix this more quickly

Darien Graham-Smith
PC Pro magazine


Q&A: Stay safe online

"Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer," said the firm in a security advisory alert about the flaw.

Microsoft says it has detected attacks against IE 7.0 but said the "underlying vulnerability" was present in all versions of the browser.

Other browsers, such as Firefox, Opera, Chrome, Safari, are not vulnerable to the flaw Microsoft has identified.

Browser bait

"In this case, hackers found the hole before Microsoft did," said Rick Ferguson, senior security advisor at Trend Micro. "This is never a good thing."

As many as 10,000 websites have been compromised since the vulnerability was discovered, he said.

"What we've seen from the exploit so far is it stealing game passwords, but it's inevitable that it will be adapted by criminals," he said. "It's just a question of modifying the payload the trojan installs."

MICROSOFT SECURITY ADVICE
Change IE security settings to high (Look under Tools/Internet Options)
Switch to a Windows user account with limited rights to change a PC's settings
With IE7 or 8 on Vista turn on Protected Mode
Ensure your PC is updated
Keep anti-virus and anti-spyware software up to date

Said Mr Ferguson: "If users can find an alternative browser, then that's good mitigation against the threat."

But Microsoft counselled against taking such action.

"I cannot recommend people switch due to this one flaw," said John Curran, head of Microsoft UK's Windows group.

He added: "We're trying to get this resolved as soon as possible.

"At present, this exploit only seems to affect 0.02% of internet sites," said Mr Curran. "In terms of vulnerability, it only seems to be affecting IE7 users at the moment, but could well encompass other versions in time."

Richard Cox, chief information officer of anti-spam body The Spamhaus Project and an expert on privacy and cyber security, echoed Trend Micro's warning.

"It won't be long before someone reverse engineers this exploit for more fraudulent purposes. Trend Mico's advice [of switching to an alternative web browser] is very sensible," he said.

This could be the moment when the minnows in the browser wars finally score a significant victory

Rory Cellan-Jones
BBC technology editor


Read the dot.life blog in full

PC Pro magazine's security editor, Darien Graham-Smith, said that there was a virtual arms race going on, with hackers always on the look out for new vulnerabilities.

"The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough."

"It's a shame Microsoft have not been able to fix this more quickly, but letting people know about this flaw was the right thing to do. If you keep flaws like this quiet, people are put at risk without knowing it."

"Every browser is susceptible to vulnerabilities from time to time. It's fine to say 'don't use Internet Explorer' for now, but other browsers may well find themselves in a similar situation," he added.


Image
Experience is not what happens to you;
it is what you do with what happens to you.
-Aldous Huxley

User avatar
Horus
Egypt4u God
Egypt4u God
Posts: 12363
Joined: Fri Dec 05, 2008 2:15 am
Location: UK
Has thanked: 1661 times
Been thanked: 2228 times
Gender:
United Kingdom

Post by Horus »

The new patch for this problem is now available to download from Microsoft, I suggest that everyone should see that they are up to date.
For those not familiar with what to do:
1. Click 'Start' and then choose 'Settings'
2. From the fly out menu choose 'Control Panel'
3. When you see the icons click the one that says 'Automatic Updates'
4. You will see a box with a couple of shields and it is advisable (in most cases) that the top one 'Automatic Updates' is ticked to be a green dot
5. If you have not already done so you may enter a time when the downloads will be made, remember to choose a time when you are likely to be on your PC.
6. If you look to the bottom of the box you will see the option 'Windows Update Web Site' by clicking on this icon you can check at any time if there are any new updates available. Once you have clicked this option it will run a scan of your PC and then give you the option to install the latest update.
Image

User avatar
Goddess
Top Member
Top Member
Posts: 634
Joined: Fri Dec 05, 2008 2:15 am
Location: Alex
Has thanked: 5 times
Been thanked: 2 times
Gender:
Egypt

Post by Goddess »

Enter Madame Numpty ......

My little pooter is already set for automatic updates, but what's all this about entering a time - I thought it just did it when it felt like it? (Which is normally right in the middle of when I'm doing something and it sometimes slows down to a dead stop)

User avatar
Horus
Egypt4u God
Egypt4u God
Posts: 12363
Joined: Fri Dec 05, 2008 2:15 am
Location: UK
Has thanked: 1661 times
Been thanked: 2228 times
Gender:
United Kingdom

Post by Horus »

If you have a look where I said, you will see a place where you can set your time and frequency of the updates. At some point that you are using your PC it must coincide with this set time. :) But I find it is still worth pressing the 'Windows Update Web Site' button now and then just to see that you have not missed any updates.
Image

  • Similar Topics
    Replies
    Views
    Last post
  • One Liners - PC alert
    by LovelyLadyLux » Mon Sep 09, 2013 10:28 pm » in General Discussions and Rants
    3 Replies
    324 Views
    Last post by Kiya
    Tue Sep 10, 2013 12:38 pm
  • Ebay Alert
    by LovelyLadyLux » Sun May 25, 2014 11:33 pm » in General Discussions and Rants
    6 Replies
    300 Views
    Last post by LovelyLadyLux
    Tue May 27, 2014 4:26 pm
  • Security Alert
    by LovelyLadyLux » Wed Nov 25, 2015 5:14 pm » in General Discussions and Rants
    6 Replies
    1438 Views
    Last post by Horus
    Tue Dec 08, 2015 10:36 am
  • RCMP Alert
    by LovelyLadyLux » Thu Apr 19, 2018 4:30 pm » in General Discussions and Rants
    4 Replies
    481 Views
    Last post by LovelyLadyLux
    Sat Apr 21, 2018 5:07 pm
  • Weather Alert: Moderate rain hit Cairo streets
    by Winged Isis » Wed Oct 24, 2012 9:59 pm » in News and Sport
    5 Replies
    1655 Views
    Last post by LovelyLadyLux
    Fri Oct 26, 2012 3:24 pm