Posts Tagged: ‘internet explorer vulnerability’

Scam of the day – April 29, 2014 – Danger in Internet Explorer

April 29, 2014 Posted by Steven Weisman, Esq.

Internet Explorer is one of the most popular web browsers.  Yesterday Microsoft, the maker of Internet Explorer announced that they had discovered a major flaw in the security of this program that is already being exploited by hackers.  Hackers are already taking advantage of this flaw to take over computers using Internet Explorer, steal information from their victims and take total control of the infected computer.  The danger of this flaw cannot be overstated.  Microsoft is working on a security patch for this problem, but does not have one presently.  This problem is made worse for those people still using Windows XP because since April 8th, Microsoft is no longer providing updated security patches for that operating system so when a security patch is developed, it will not be effective for computers still using Windows XP.

TIPS

Those of you still using Windows XP should update your operating system as soon as possible.  Everyone else should use other browsers such as Firefox until a security patch is provided by Microsoft.  You also may wish to use the Microsoft Enhanced Mitigation Experience Toolkit (EMET) to take protective steps although this will not protect you fully.  You also should consider disabling your Adobe Flash plugin if you have one because this is used by hackers in their attacks.  You also should remember that for a hacker to install the malware on your computer or other electronic device to exploit this vulnerability, you need to have clicked on a tainted link or downloaded a tainted attachment.  Therefore, as always you should avoid clicking on links or downloading attachments unless you are absolutely sure that they are legitimate.

Here is the link to the announcement of the Department of Homeland Security regarding this matter, which also contains a link to the Microsoft Enhanced Mitigation Experience Toolkit.  https://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being

Scam of the day – February 19, 2013 – Microsoft security updates

February 19, 2013 Posted by Steven Weisman, Esq.

Hackers and identity thieves exploit vulnerabilities in the software that we all use to access our computers, steal our information and make us victims of identity theft.  Fortunately, the computer software companies and security software companies are always just as busy trying to correct those vulnerabilities.  When they do, they issue security patches and updates, however, these updates are only effective if you install them on your computers and other devices.  Hackers and identity thieves constantly take advantage of the fact that many people do not keep their security software current and install the latest security patches issued by software companies when they become aware of vulnerabilities.  Microsoft has just issued an alert about dangerous vulnerabilities that they discovered in Microsoft Windows, Microsoft Internet Explorer, Microsoft Office, Microsoft Server Software and Microsoft. NET Framework.

TIPS

If you have not already done so go to http://technet.microsoft.com/en-us/security/bulletin/ms13-feb for the Microsoft security bulletin that describes these dangers in detail and provides links to install necessary patches to protect your computer.  Perhaps a better option is to enable your computers to automatically install all necessary updates and save yourself the time of having to constantly monitor new patches and security developments.  Remember, the hackers and identity thieves count on people not patching these vulnerabilities in a timely fashion.

Scam of the day – January 22, 2013 – Internet Explorer danger

January 22, 2013 Posted by Steven Weisman, Esq.

Many of us, myself include use the Internet Explorer browser.  Unfortunately, many hackers and identity thieves are aware of this and also use vulnerabilities in the Internet Explorer browser to hack into your computer and steal information from you and make you a victim of identity theft.  The problem is particularly acute with Internet Explorer versions 6,7 and 8.  Fortunately, Microsoft has taken action to remedy this vulnerability.

TIPS

Go this link.  https://technet.microsoft.com/en-us/security/bulletin/ms13-008  This will contain the information you need to install the patches required to fix the vulnerability of your Internet browser.  I know I have told you that you should trust me and not trust anyone, but you really can trust me on this one.  The link is legitimate and will enable you to protect yourself while on the Internet.

Scam of the day – January 4, 4013 – Internet Explorer vulnerability

January 4, 2013 Posted by Steven Weisman, Esq.

Microsoft, the maker of the Internet Explorer search engine has just issued an important security advisory (2794220) informing the public about vulnerabilities in the Internet Explorer versions 6,7 and 8.  It is important to note that Internet Explorer 9 and Internet Explorer 10 are not subject to this vulnerability.  Microsoft is presently investigating this vulnerability and has not yet determined how to respond yet.  An identity thief or hacker can presently exploit this vulnerability and, according to Microsoft, “install programs; view, change or delete data; or create new accounts with full user rights.”  This could easily then lead to your becoming a victim of identity theft.

TIPS

As I always advise it is important to keep your computer’s operating system and programs as up to date as possible.  Often new versions of programs are issued for the expressed purpose of fixing vulnerabilities that have been discovered by hackers in previous versions.