Sections:Blog, News

INTERNET EXPLORER FLAW - LATEST WEB BROWSER SECURITY HOLE

 

IF YOU HAVE TO EXPLORE, ALWAYS USE PROTECTION

 

Background

Microsoft’s Internet Explorer browser has been exploited by the “Operation Clandestine Fox” attack starting on April 26, 2014 - See Business Week article for more details.

 

This is just the latest security hole to create headlines – helped by no less than the Department of Homeland Security, which advises that you not use any version of IE until further noticeWow!

 

The “Official” advice

According to DHS, if your business uses custom applications that require Internet Explorer, avoid visiting any public sites with the browser outside of the application.  Make a direct link to the site from your desktop to avoid going to any other sites but the application site.

 

According to Microsoft, you should pay your IT company – that’s us, folks J - between $1,000 and $10,000 per office to implement this temporary work aroundAnd once we do all that work you will:

1.     Not be able to use IE because it will be so locked down it will block basic things you need, L in addition to the Clandestine Fox

2.     Be annoyed to learn Microsoft has finally issued their own patch before we finish implementing the Microsoft work around for you (within a week is our estimate) L

 

That’s a heck of a way to help out Microsoft customers right??

 

The SureSolutions

Our opinion is that all this noise just creates headlines.  The good news is it brings awareness up that these holes exist.  But the truth is that these types of holes occur all the time.  For many years now, technologies have existed using Java and other sophisticated code within web pages that allow a remote website to download software to your computer and control it.  This highly publicized version is just the latest hole that allows this to happen, and once fixed undisclosed holes are undoubtedly going to crop up in IE and in every other major browser as well. 

 

In a nutshell you should ALWAYS be careful where you go with your browser.  local networks are being probed and attacked all the time and good security involves:

1.     Safe browsing practices – just like love, the #1 rule, is know your partner at all times!

2.     Ensure all your workstations are used WITHOUT granting Admin rights to users – only tech professionals should use Admin rights J

3.     Secure Network Equipment (FireWall with up to date filters) – whitelisting service is recommended

4. Check the send from address on all attachments in email and be careful on opening any attachments or links

5.     Total Network Defense software on the PC

6.     Strong filtering/scanning on incoming email

7.     Using current OS (eg not XP) and equipment with latest OS patches regularly applied

 

Our experience is that with the above in place, particularly whitelisting service on your firewall, we see less than one successful infection per 1,000 managed PCs per year.  This applies with operation Clandestine Fox as well.

 

What you should remember, always, is that every point in the list above that is not in place above increases your risk a little bit with #1, #2 and #3 outweighing all the others.

 

If you need further assistance or want to discuss please let us know!

 

Your SureTech Solutions Team