I almost didn’t see a need to write this post. Most CTOvision.com readers, I believe, are technically savvy folks who are already avid readers of security and technology news. But you are also a very busy bunch and some of you might not have gotten the word yet. And I thought some of you might… …
I almost didn’t see a need to write this post. Most CTOvision.com readers, I believe, are technically savvy folks who are already avid readers of security and technology news. But you are also a very busy bunch and some of you might not have gotten the word yet. And I thought some of you might appreciate a recap done in a way that makes this easy to explain to others. This is my attempt:
- An organization of malicious computer experts who have access to many of Microsoft’s most sensitive secrets and the resources of a nation state have built attacks that exploit Microsoft’s browser, Internet Explorer.
- When a malicious organization like that decides to hack a system, it can be very hard to stop them. They probably also have ways to attack other web browsers. But we have no indication of that yet.
- Since other people now know how the exploit works, far more attacks can be expected, from a wide range of attackers. Automated programs (bots) and virus attacks can also be expected to exploit this Internet Explorer hole.
- For now, the most important thing you can do is to stop using Internet Explorer and switch to the most recent version of Firefox or Chrome.
- You also need to keep your entire computer system patched and you must keep your anti-virus signature files up to date. And don’t click on strange links or visit shady/ugly/evil parts of the web with any browser (ok that can be easier said than done, but you need to watch out to make sure you stay safe).
- Also, stay aware. It might be weeks or even months before Internet Explorer is safe again (when it gets the right patches you should update it).
- And, there is a chance that sometime in the future one of the other browsers will be the most vulnerable. That is the nature of life in the modern world. You may need to switch back to IE at sometime in the future.
ACTION:
- Download and use either Firefox or Chrome
- Keep your system patched
- Do not open Internet Explorer
- Follow the news closely.
Key References:
- Major flaw revealed in Internet Explorer: users urged to switch (from Christopher Null on Yahoo).
- Operation “Aurora” Hit Google, Others (a great report by George Kurtz of McAfee).
- Should you dump Internet Explorer, NOW? (by Joe Wilcox on betanews).
Thanks to friends from Twitter:
- http://twitter.com/tericee
- http://twitter.com/george_kurtzCTO
- http://twitter.com/8huit
- http://twitter.com/c4i
- http://twitter.com/rogery33
- http://twitter.com/ZachTumin