Thanks for choosing Orange County Computer, Inc.

949-699-6619 | 8am – 5pm Monday – Friday : Saturday by Appointment

Orange County Computer INC.
  • OCC Home
  • About Us
    • Blog
    • Location
    • Testimonials
    • Partners
    • Computer Repair Warranty
  • Contact Us
    • Customer Referral Program
  • Tech Center Services
    • Desktop Repair
    • Laptop Repair Services
    • Virus Removal
    • Tech Support Services
    • Data Recovery
    • E-Waste Recycling
    • Disaster Recovery
  • Business IT Services
    • Enterprise WiFi Solutions
    • Managed Services
    • Software Licensing
    • Why Choose a Microsoft Partner
    • Software Application Development
  • Technologies
    • Disaster Recovery Solutions
    • Data Backup & Storage Solutions
    • Offsite Backup
    • Software Support
    • Virtualization
    • Firewall & Security
    • Servers
  • Web Services
    • Domain Registrar
    • Hosting Services
    • Web Design
  • OCC Home
  • About Us
    • Blog
    • Location
    • Testimonials
    • Partners
    • Computer Repair Warranty
  • Contact Us
    • Customer Referral Program
  • Tech Center Services
    • Desktop Repair
    • Laptop Repair Services
    • Virus Removal
    • Tech Support Services
    • Data Recovery
    • E-Waste Recycling
    • Disaster Recovery
  • Business IT Services
    • Enterprise WiFi Solutions
    • Managed Services
    • Software Licensing
    • Why Choose a Microsoft Partner
    • Software Application Development
  • Technologies
    • Disaster Recovery Solutions
    • Data Backup & Storage Solutions
    • Offsite Backup
    • Software Support
    • Virtualization
    • Firewall & Security
    • Servers
  • Web Services
    • Domain Registrar
    • Hosting Services
    • Web Design

Stop using Microsoft's IE browser until bug is fixed, US and UK warn

Orange County Computer INC. > About Us > Blog > OCC News > Stop using Microsoft’s IE browser until bug is fixed, US and UK warn

Stop using Microsoft’s IE browser until bug is fixed, US and UK warn

In rare move that highlights severity of security hole in popular Internet Explorer, US Computer Emergency Readiness Team and UK counterpart say some IE users may want to “consider employing an alternate browser” till flaw is patched.

It’s not often that the US or UK governments weigh in on the browser wars, but a new Internet Explorer vulnerability — one that affects all major versions of the browser from the past decade — has forced them to raise an alarm: Stop using IE.

The zero-day exploit — the term given to a previously unknown, unpatched flaw — allows attackers to install malware on your computer without your permission. That malware could be used to steal personal data, track online behavior, or gain control of the computer. Security firm FireEye, which discovered the bug, said that the flaw is being used with a known Flash-based exploit technique to attack financial and defense organizations in the US via Internet Explorer 9, 10, and 11. Those versions of the browser run on Microsoft’s Windows Vista, Windows 7, and Windows 8, although the exploit is present in Internet Explorer 6 and above.

While the Computer Emergency Readiness Team in England and the US regularly issue browser advisories, this is one of the few times that the CERT team has recommended that people avoid using a particular browser. Specifically, the advisory says administrators and users should “review Microsoft Security Advisory 2963983 for mitigation actions and workarounds” and that people who can’t implement those stopgap measures, Windows XP users among them, “may consider employing an alternate browser.”

FireEye recommends that if you can’t switch browsers, then disable Internet Explorer’s Flash plug-in. You also can use IE with Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) security app, but that will not be as secure as simply switching browsers.

In a statement, Microsoft told CNET, “On April 26, 2014, Microsoft released Security Advisory 2963983 to notify customers of a vulnerability in Internet Explorer. At this time we are aware of limited, targeted attacks. We encourage customers to follow the suggested mitigations outlined in the security advisory while an update is finalized.”

The company advises Internet Explorer users that the Enhanced Protected Mode, on by default in IE 10 and IE 11, used with EMET, “will help protect against this potential risk.”

The company did not address what people who use IE 9 or older should do. It’s not expected that IE 6 will ever see an update, as Microsoft has stopped issuing security updates for the 12-year-old browser that still makes up 4.65 percent of the browser market.

The US Department of Homeland Security did not immediately respond to requests for comment.

Statistics vary as to how many people actually use Internet Explorer. NetMarketShare puts the total around 55 percent of the desktop browser market, while competitor StatCounter says that 22.58 percent of people use IE. While the disparity is large, in either case the flaw affects a huge number of browsers being actively used.

Here at Orange County Computer®, we recommend using Google Chrome until Microsoft’s update is complete. If you feel that your system or network may be at risk, or the security of your system has been compromised, contact the Cyber Security Experts at Orange County Computer® so we can minimize the damage. Call our Tech Center at (949) 699-6619 or visit us online at  OrangeCountyComputer.com. We are happy to help.

15-Year-Seal_Silver

Information originally obtained by CNET’s  Seth Rosenblatt. See by Seth Rosenblatt‘s story here.

UPDATE: On May 1st Microsoft sent out an update that fixes this issue. Once you install the update and restart your system, it will be safe for you to use Internet Explorer again.

← Heartbleed Bug: A Major Vulnerability on the Web Exposed
Windows 8.1 Update Install Deadline Has Passed →

Recent News

  • AdSense Fraud Campaign: Is your site infected?
  • Looking for a Windows 10 Download? You’re Out of Luck!
  • Celebrating 25 Years as a Technology Solutions Provider!
  • The Southwest Airlines IT Meltdown
  • ‘Tis the season… to avoid holiday scams!

Contact Us

Orange County Computer, Inc.

26150 Enterprise Way, Suite 400
Lake Forest, CA 92630

949-699-6619

Recent Posts

  • AdSense Fraud Campaign: Is your site infected?

    Last fall, website security and performance specialists Sucuri reported on a mal...

  • Looking for a Windows 10 Download? You’re Out of Luck!

    On January 31st, Microsoft stopped the direct sale of Windows 10 licenses on its...

Search

    • Home
    • Site Map
    • Remote Support