When I am informed that a browser security issue (or flaw) exists that is of large scale or is a zero-day vulnerability, I find it important to alert everyone; especially the readers of this blog. Let’s face it, we spend the majority of the time on our computers in our web browser.
The security issue I am alerting you about involves Microsoft’s Internet Explorer and in my opinion is a very serious issue. In the interim, until this issue is completely resolved, I am recommending that you download and install Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. Currently there are no patches available to protect you from this security flaw.
Eric Romang, a researcher in Luxembourg, discovered the flaw in Internet Explorer on Friday, when his PC was infected by a piece of malicious software known as Poison Ivy that hackers use to steal data or take remote control of PCs.
The security flaw, which researchers say could allow hackers to take remote control of an infected PC, affects Internet Explorer browsers used by hundreds of millions of consumers and workers. Microsoft said it will advise customers on its website to install the security software as an interim measure, buying it time to fix the bug and release a new, more secure version of Internet Explorer. – [ source: NBCNews.com TECH]
Reportedly many of the anti-virus software makers are aware of this issue and have already updated their products to protect end-users against this bug; however, this alone may not be sufficient to protect you. Best bet here with this is make sure your security software is up-to-date and to download and install the Enhanced Mitigation Experience Toolkit (EMET).
The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use. The mitigations are also designed so that they can be easily updated as attackers start using new exploit techniques.
GEEK BONUS AREA