Tuesday, December 16, 2008

Internet Explorer Exploit

The security flaw in Internet Explorer has a few folks scrambling. One of the questions going around in my head is, "Does this flaw affect IE browser on computers where the user does not have admin rights to install software?" The reason why is that some districts that restrict end-users from installing anything...well, wouldn't that Active Directory policy restrict the malware, too?

Here's an email, as innocuous as possible, that I adapted from someone else's note to staff:
Please be aware that a security flaw has been found in the Internet Explorer (all versions). This is probably the browser that you may use much of the time. The flaw allows malicious code to steal users passwords, and control their computers.

Avoid using Internet Explorer for online banking at this time. (online banking passwords, are the most desirable target of this exploit)

The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.

Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it. . .Other browsers, such as Firefox..., Chrome, Safari, are not vulnerable to the flaw Microsoft has identified.
Source: BBC News 12/16/2008

Microsoft is working on a patch to fix the problem, but currently there is no fix. There are many web sites exploiting this flaw.

For your own personal computers (such as those at home), you are encouraged to follow the advice in the news report above and use an alternate browser, like Firefox.

Additional Links:

How would you let your district folks know what is happening?



Subscribe to Around the Corner-MGuhlin.net

Be sure to visit the ShareMore! Wiki.

No comments:

Subscribe via email

Enter your email address:

Delivered by FeedBurner

Disclaimer

Disclaimer

Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure