From the desk of Paul Baumgartner, Chief Proactive Maintenance Operations Officer

Microsoft has published Microsoft fixitan Emergency Advisory and Fix it for users of its Internet Explorer web browser. Exploitation of Internet Explorer 8 and 9 has already been witnessed in the wild. That doesn’t necessarily mean that users of Internet Explorer 6, 7, 10 and 11 are safe however.

The only unaffected Windows platforms are the server platforms that ship with IE in restricted mode by default. If you have disabled the restricted mode, these may also be vulnerable.

This problem is propagated by websites that have the exploit designed in it.  You can also avoid this problem by using IE as normal, but only visiting trusted and well-known sites.  Also, having web filtering will help with this, as web sites that use exploits will be banned by your web filtering service.

The proactive staff at Tech II are busy looking for more automatic and less interfering solutions to this problem.  We are also watching for the Microsoft Security Update for this and will test and approve it as soon as it is released.

The flaw is being referenced as CVE-2013-3893 and when exploited successfully results in remote code execution (RCE) as the logged in user. This is one of the reasons we frequently advise users not to run as an administrator for everyday tasks like internet browsing.

If an attacker wants to inflict more serious damage he will need to also use a elevation of privilege (EoP) exploit to gain more access to the victim PC.

There are several different ways to protect yourself until an official fix from Microsoft becomes available.

For more advanced users and corporate IT managers you can use Microsoft EMET to mitigate exploitation of this flaw as recommended in Microsoft’s advisory 2887505.

For everyday Windows users Microsoft is also providing a “Fix it” download that changes your settings to provide protection until a permanent fix is available, but this only works in 32 bit versions of Internet Explorer. The link for that is: https://support.microsoft.com/kb/2887505

This fix it will make your IE settings more restrictive.

1) Wherever possible, my advice is to simply use another browser until Microsoft is able to deliver a fix. There are many choices including Firefox, Chrome, Safari and Opera.

2) Make sure you leave your computers on overnight for the scheduled Patch Management days in the near future if you are getting Patch Management services. 

 

 

  • author Dan BardinPublished on September 18th, 2013

Tech insights

6 Qualities to Search for When Interviewing a Managed Network Services Provider in Albany

Learn more

5 Reasons Structured Cabling Can Be a Smart Business Move

Learn more

Which Cloud-Based Collaboration Tool is Right for Your Business?

Learn more