New security vulnerability in Microsoft Internet Explorer

        How to, Web Design
Internet Explorer

Microsoft recently reported a serious security vulnerability (remote code execution) in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

Understanding the exploit:

This is the description of the problem in the official announcement.

The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

In layman terms, if you use Internet Explorer and visit a website that exploits the vulnerability, your computer could be taken over by a hacker and he or she will perform actions on your behalf.

Preventing the security vulnerability:

You can easily prevent this problem by not using Internet Explorer 🙂  At least until Microsoft releases a patch. If you still want to use Internet Explorer, you should enforce the security level to ensure you have control over what is executed in your computer and to establish trusted websites.

Follow these steps to limit your risk of security exposure:

1. Open Internet Options > Security.

DC cyber security expert - Step 1- Internet options in Internet Explorer

2. Highlight Internet and set the Security Level to High.

Step 2 - Change internet security settings  in Internet Explorer

3. Check Enable Protected Mode.

Step 3 - Enable protected mode in Internet Explorer

4. Highlight Local Intranet and repeat steps 2 through 3.

Step 4 - Change local intranet settings in Internet Explorer

5. Highlight Trusted sites and set the security level to either Medium or Low

Step 5 - Change trusted sites settings in Internet Explorer

6. Click on Sites

Step 6 - Add trusted sites in Internet Explorer

7. Add websites you trust to the Trusted Sites Zone

Step 7 - Add trusted sites in Internet Explorer

8. Apply settings and close window and restart Internet Explorer for changes to take effect

Apply settings

This is the link to the Microsoft’s security bulletin, as they have outlined suggested actions for dealing with the vulnerability until it has been addressed: https://technet.microsoft.com/en-US/library/security/2963983


About Luis Cuellar

Co-founder and Agile Coach, in charge of leading, managing and coaching agile project teams to achieve a high level of performance and quality in delivering projects that provide exceptional business value to government agencies and nonprofit organizations.
This entry was posted in How to, Web Design and tagged , , , , . Bookmark the permalink.

Comments are closed.