Internet Explorer vulnerable to attack!
In case you haven’t heard a major security issue was discovered over the weekend with Internet Explorer after security software maker FireEye Inc discovered a serious security flaw.
According to Microsoft the flaw, could lead to theft of data or “the complete compromise” of a user’s PC.
And the warning is not just theoretical. Microsoft says that “targeted attacks” using the exploit have already occurred.
The bug potentially could allow a hacker to take over your computer and do whatever they want. The problem could be encountered if you click on any dodgy links or pop-up adverts etc. now the issue is known worldwide even novice hackers might jump at the chance to exploit this bug.
A Temporary Fix
The US and UK governments have advised computer users to consider using alternatives to Microsoft’s Internet Explorer browser until the company fixes the flaw.
While Microsoft rushes to fix the bug, www.forbes.com listed FireEye Inc’s two workarounds for concerned users:
- Use another web browser other than Internet Explorer i.e. Chrome or Firefox
- Disable Adobe Flash. “The attack will not work without Adobe Flash,” it said. “Disabling the Flash plugin within IE will prevent the exploit from functioning.”
Here are the steps for Option 2:
- In Internet Explore go to Tools then select Manage Addons.
- Then click Shockwave Flash Player.
- Then look towards the bottom of the window for Enable And Disable.
- Normally it’s enabled.
- Just click disable and then hit OK.
Windows XP Issue
The issue also means that anybody still using Windows XP, approximately 10% of the Irish population, must not use Internet Explorer.
Microsoft have confirmed that no fix will be rolled out for Windows XP so even once the bug has been fixed Windows XP users will remain vulnerable.
The advice for Windows XP users is that this issue highlights Microsoft’s warning earlier this year that they would not be supporting Windows XP after the 8th of April 2014 and recommends upgrading your operating system.
Bank of Ireland Issue
Another issue highlighted for users in today Irish Independent is that Bank of Ireland customers also face a security vulnerability.
As the “Bank of Ireland is continuing to insist that its thousands of Business On Line banking customers use the newly-insecure, unpatched Internet Explorer for all sensitive transactions”.
Although Bank of Ireland have confirmed they are aware of the issues in relation to the browser they are still stating that “In the interim, access to Business On Line is not impacted and full service is available.”
See the full article on Independent.ie here
All this leads to major headaches for users!! If you need any further information or support Microsoft recommends contacting their local support centres, for details go to http://support.microsoft.com/?ln=en-ie.
An Update on the Story
Microsoft has issued an emergency update to patch the significant vulnerability in its Internet Explorer web browser.
And there was even more good news for Windows XP users as Microsoft also outlined in its bulletin yesterday evening that the patch would also be available to Windows XP users. However, it said that just because the update is out, does not mean users should stop thinking about getting off Windows XP and moving to a newer operating system and web browser.
Microsoft said users with automatic updates turned on would not have to do anything to receive the Internet Explorer patch.
However those using manual updates would need to go to the ‘Windows Update’ portion of their computer’s control panel and click ‘Check for Updates’.
For further information check out the official statement Microsoft’s official blog at http://blogs.technet.com/b/microsoft_blog/archive/2014/05/01/updating-internet-explorer-and-driving-security.aspx
Graham Glynn
Senior Digital Consultant
OSD OmniScience Design Ltd.
