Even though the world shies away from the (in)famous Internet Explorer, hackers have time and again proved their fondness for the browser as the IE has been subject to multiple exploits & attacks by the hackers in recent past. The fact that the user base of IE weighs over half of the total user base makes this a browser of choice for hackers to exploit.
Termed as “Operation Clandestine Fox”, this new zero-day threat compromises almost all usable versions of IE(to be precise – versions 6 through 11) making the browser vulnerable to hackers’ attack. According to a report from FireEye, the exploitation mostly occurs on the versions 9 to 11 as most modern systems ships with wither of those versions. This makes up for 26% of the total user base who use internet. But there are still people out there who cannot just let go of their precious old system which runs ancient versions of Windows OS which contains the now obsolete versions of IE namely IE 6,7 and 8. Adding those systems in to account makes the total number of affected users to a whopping 56%.
Every version of IE vulnerable to attackThe Vulnerability enables the hackers to gain control of your system and lets them access and manipulate the data which is quite alarming considering the fact that almost 10% of all government systems still run Windows XP and perfectly vulnerable to this attack. Microsoft has addressed the issue in a security advisory post and says “it is working on a patch” to fix the issue.
We at The Westside Story understand the loyalty of IE users who will not shy away for any reason from using the browser, even if it means losing all their data. Hence we strongly suggest them to download Enhanced Mitigation Experience Toolkit version 4.1 from Microsoft until the patch is released. Also running the browser in enhanced mode and disabling any flash plugin by Adobe will help improve your stance against the attack from hackers.
Firefox is more secure when you put in the proper add-ons. Noscript should be installed all the time with FF. Internet explorer has always been horrid and the building it into the core and allowing it a trust relation with the system is always problematic.
Microsoft has done nothing to protect users from bad flash programming and took to windows Vista to put in basic linux security of security levels.
I’ve always considered Microsoft – Malware, Spyware and worse. The only place I ever needed anything Microsoft was at my old job: Explorer primarily because that’s what ADP mandated. I saw and still see everyone’s computers in constant sick mode, machines were running multiple anti malware, anti spyware this and that to stay clean, constant problems. I decided enough was enough and thanks to a buddy who is a guru, he suggested for my own laptop to switch to Linux. I did just that and amazingly, I have not needed any anti anything for about a year, and can accomplish all my computing needs flawlessly, and as a WP web designer. I suggest people use a Live CD to test the waters and stay safe as they try to avoid Exploder, I mean Explorer, but I’ve found LinuxMint to be the best operating software, next to Apple’s OS. If Adobe doesn’t ante up support for Linus with Adobe Creative Cloud, then an iMac will be my next purchase solely to use for that reason. I’m happy I can survive without Microsoft. Sadly, our government has no other choice than to use the malware called Microsoft, with their special updates, and back door spy mechanisms.
So is this Homeland Security’s new job? Telling us all about the hacks NSA is exploiting?
And who are you kidding. Firefox is no more secure than Internet Explorer. Take a look at the following list at the URL provided. Anything listed as a “Red” vulnerability has/had the same potential as this Internet Explorer vulnerability. That is, they could have been used to take complete control of your computer.
http://www.mozilla.Org/security/known-vulnerabilities/firefox.html
GP
Fixed. Thanks.
You’re quite welcome.
Have a good day!
GP
Firefox is an opensource browser. Its vulnerabilities can be fixed by everyone that have the skills to understand and correct them. On the other hand explorer is a closed source app and we don’t have a clue what is happening in its code. This is a difference indeed!
The myth that “open source” is somehow more secure because of the many eyes is just that. A myth. Firefox is no more secure than Internet Explorer despite the “open source” nature of Firefox. A vulnerability that allows arbitrary code execution and software installation is just as bad in Firefox as it is in Internet Explorer. Both would allow a user’s computer to be completely compromised.
GP
Mozilla routinely blocks access to critical “Red Label” vulnerabilities to the original reporter of the vulnerabilty and to a select group of Mozilla developers. Nobody else is allowed to access bug and will receive an “You do not have permission to access this bug. . .” page if they try to do so. In the end only an elite group of Mozilla developers are allowed to access and “correct” known vulnerabilities. Not the “everyone” you claim. And as long as the critical bugs are blocked from view you don’t have a clue as to what is really happening to the code. Not much difference with what Microsoft does it seems.
A difference that isn’t a difference isn’t a difference at all.
GP
Heartbleed caused people to rail about flaws in open source. Heartbleed was a bug in place for 1.5 years.
This bug in IE goes back to IE6. That’s 13 years ago.
It is not 100% clear that this bug has been in place for 13 years, but there’s no indication that it was not there 13 years ago, and ALL years between.
Heartbleed was bad enough, permitting a kind of “watch over your shoulder” attack point.
This bug in IE can permit someone anywhere in the world to take control of your computer as if they were in your chair, until you pull the plug.
And why are we even blaming a “bug in IE” when it takes the addition of a well known piece of third party software to enable this so-called “bug”. And yes, I’m talking about Adobe Flash. After all, its been reported that the easiest cure for this problem is to either disable or uninstall flash and wallah, your horrible “IE bug” is gone.
Perhaps if we demand that Adobe strip out all that scripting nonsense and all that other stuff that doesn’t have anything really to do with Flash’s primary job, the displaying of videos, then these problems wouldn’t crop up as often as they do – like enabling a hacker to take complete control of your computer and do with it as they please.
But in the end, MSM and the rest of the security community takes the easy way out and blames Microsoft for the problems created by third party software.
Perhaps Jobs had it right. Ban Adobe Flash from all computers and most of your computer security problems are gone.
But then how would you play your online games and watch videos of kittens on Youtube.
GP