Internet Explorer Security Breach

by The Associated Press and Andy Greenberg, Forbes, 01/10/2012

The German government agency overseeing IT safety is warning of a security breach in Microsoft's Internet Explorer and recommending people use other browsers until the problem is fixed.  The browser's "weak point is already being used for targeted attacks," the Federal Office for Information Security warned, adding that the code behind the attack is freely available online and might therefore spread rapidly.

A spokesman for Microsoft Corp. said Tuesday the company is aware of the issue and is working on soon rolling out a software update, a so-called patch, to fix the browser's security features. "This is not a massive problem. There have been only a small number of targeted attacks," said spokesman Thomas Baumgaertner. He could not provide a figure of the number of attacks recorded so far.

The browser is used by hundreds of millions of consumers and workers around the world. (K4E Note: reports note that over 90% of Korean use Internet Explorer and many business and government websites are either stilll only accessible trough that browser or require the download of ActiveX).

In its warning,  Germany's IT watchdog called on people using Windows XP or Windows 7 operating systems and Internet Explorer versions 7, 8 or 9 to switch to alternative browsers until Microsoft updates the browser's security features.

Attackers lure users to an infected website, for example through an emailed link. Visiting the website then allows hackers to introduce codes to take control of the user's computer, the BSI agency said.

According to Andy Greenberg (Forbes) Microsoft says it’s working on a patch for the security flaw. But in the meantime the company suggests users implement a collection of workarounds. One recommendation is that users turn on a setting that shows them a prompt every time a website tries to run an active script on a page, or that they simply disable active scripts altogether. Another is that they set Internet Explorer’s security zone settings for the Internet and local Intranet to “high” to block scripts on those pages and then manually add trusted sites to a whitelist that will allow the scripts to run on safe sites.

Finally it recommends users add Internet Explorer to a list of programs governed by a Windows tool called Enhanced Mitigation Experience Toolkit, (EMET) which applies stricter security measures to chosen programs that prevent them from mixing hidden commands into code and randomize their location in memory to make them harder to hijack. All three of these mitigation techniques are explained in Microsoft’s advisory, and security blogger Brian Krebs has more information on how to properly implement EMET here.

But there’s a simpler fix than any of these: Use Chrome, Safari, or Firefox, which aren’t affected by the attack.

After all, Microsoft warns in its advisory that disabling active scripts in Internet Explorer can reduce functionality on some sites, and turning on prompts for the scripts will likely lead to a slew of pop-up prompts that users will likely learn to ignore. Even adding Internet Explorer to EMET may not completely prevent the exploit, according to Tod Beardsley, an engineering manager for Rapid7, one of the security firms that has tested and replicated the exploit, as he said in an interview with the Associated Press. 

Unlike the Java exploit that affected all major browsers in August, this exploit is uniquely Microsoft’s problem. So until the company issues a full patch for the software rather than complex, incomplete fixes, users’ best bet is simply to ditch Internet Explorer until its security catches up with its competitors.

Sources: CBC and Forbes   

Image source  

IGVC-Korean Language Classes, Classes from 05 Oct 2021 /  Online from Yongsan-gu, SeoulSome classes still have space for late registration - Does not apply to Absolute Beginner Classes.
SGVC - Séance d'orientation en ligne, 7 sept 2021, via ZoomAstuces de la vie quotidienne à Seoul - en français
SGVC - Online Korean History Lecture Series, 28 Sept-2 Nov 2021, SeoulThe lectures will be conducted in English by Pr. David A. Mason
AMCHAM-U.S. Embassy Webinar: Telehealth in Korea, 10 Sept 2021, from SeoulWebinar to help you navigate the landscape of tele-health in Korea
Seoul Foreign School, K-12 English School, Seodaemun, Seoul
Dwight School Seoul, English Pre-School-High School, Seoul
JZ Associate
Korea International School-KIS, PK-12 English, Pangyo, Gyeonggi-do
A Plus Apgugeong - 27 May 2020
I want to convert
Helpul telephone numbers seoul korea
Cocoonfice, Business Center, Gangnam-gu, Seoul