Download: Fast, Fun, Awesome

Thursday, 20 September 2012

Internet Explorer is no Longer Safe Until Microsoft Releases a Security Patch

Despite the improvements Microsoft has made with their browser Internet Explorer, you keep finding bugs in it. The latter has been discovered a few days ago, a Zero-day vulnerability that allows an attacker to run code on your computer, even without administrator permissions.

The vulnerability affects all versions of Internet Explorer on all operating systems except Internet Explorer 10. For a computer to be attacked, you have to visit a specially crafted Web, you would download code to the computer and then run exploiting this flaw.

As commented above, is a  Zero-day vulnerability, which means that it is already actively exploiting. In fact, I have discovered after an exploit another vulnerability related (also 0-day) in Java SE 7 that was uncovered a few days ago.

Microsoft is aware of the vulnerability, but have not clarified whether the patch will appear as soon as you have or one of its tuesdays patch, patch releases that make each month. Meanwhile, make sure you have updated antivirus and not visit foreign sites to avoid being infected.

Meanwhile Microsoft has written a note which says it is aware of the problem and advises users to download the tool Enhanced Mitigation Experience Toolkit (EMET) to reduce risks. However it is not known at what point the company will release a patch for this problem or if it will be until October 9 that will offer a solution to this problem in conjunction with another patch for another vulnerability in the browser, which we had already mentioned .

The fact is that experts have advised IE users to switch to another browser while it corrects this problem, so have advised switching to Google Chrome while providing a solution by Microsoft. This is probably not good news for the Redmond but its a sign that security remains a point IE to strengthen.

Will you ever trust or use Internet explorer Again?