April 30th, 2014 2:21 pm

Zero Day Internet Explorer Exploit

Over the past weekend a security firm discovered a major vulnerability in Microsoft’s Internet Explorer Browser. It affects IE versions 6 through 11 and can allow the attacker to take full control of the affected system giving the attacker access to all of the files on the computer and to other computers connected to the same network.

So far this exploit has been found at defense and financial websites, prompting Homeland security to issue an alert. Until Microsoft releases a patch for this vulnerability there are 3 ways you can protect your computer and network.

  1. Do not use Internet explorer as your default browser. Use Chrome or Firefox (Free Downloads) instead. If you have to use IE to access a particular vendors website, check with that company to make sure they are aware of the problem and can assure you that their site is not infected.
  2. Disable the Flash plugin in IE. The exploit uses the flash plugin to gain access and will not work with the plugin
  3. Download and install the Microsoft Enhanced Experience Toolkit and run it with the recommended settings.

(http://www.microsoft.com/en-us/download/details.aspx?id=41138) .

Microsoft has announced that they have no plans to issue Windows XP computers a fix for this exploit. Bailey Systems recommends that any windows xp computers on your network not use Internet Explorer until they can be replaced or upgraded to Windows 7 or 8.

If you have questions or need assistance with any of the recommended actions please reach out to your Bailey systems Engineer or call the helpdesk at 703 581 7319