Category: Geeks r Us
I don't know how serious this is, or if your virus protection is good enough to avoid it, but here is the message I saw yesterday.
Warning! Stop using Internet Explorer browser until bug is fixed
Dear CNET members,
If you're reading this newsletter using Microsoft's Internet Explorer, you may want to stop, as there is currently a severe vulnerability in it that affects all major versions of the browser from IE6 through IE11. I wish it were a late April Fools' joke, but it's not, as reported in CNET writer Seth Rosenblatt's article, "Stop using Microsoft's IE browser until bug is fixed, US and UK warn."
This vulnerability in the browser can potentially allow attackers to install malware on your computer that could be used to steal personal data, track online behavior, or gain control of the computer. All bad news, and how serious is it? Serious enough that US and UK governments have asked users to stop using IE, until a patch is available and installed. For the time being they advise using an alternative Web browser.
Where did you obtain this message? I had a feeling that there is some sort of problem with Internet Explorer, because several of my friends have been having problems with it that suggest there is Malware being installed without their knowledge or intent, including myself.
CNET
www.cnet.com
Reliable. I personally haven't had any problems with it. I am using FireFox to be safe, because I do banking and such other task. Plus I'll beef up a couple other items until the fix it.
I can't say how serious the problem is, but there is much discussion on it.
I read something about it in a newspaper. The main thing I got from the article was that you should not click on any links you get in emails because even though the email may look legit and the link might seem legit, that is how someone can hack into your computer and take control of it.
I have a question about the patch tat will eventually be available to fix this. Do you have to go to Microsoft site and download it or will it automatically be downloaded.
This kind of thing is another reason why I'm glad I got rid of my XP computer since Microsoft will n longer protect you against thiskind of thing unless you have at least a Windows 7 computer.
there are a lot more ways than that for someone to plant a virus or malware on
your system. Seriously folks, Don't use IE, and while we're at it, unless you
need javascrypt installed, or flash, don't install those either, or at least use
something like no script unless you are using a sight that requires it.
good luck windows XP users. this bug probably won't be fixed for you.
Becky, the patch will come in your regular Windows updates. Microsoft patches stuff all the time in these.
Here is my personal opinion on this item.
Internet Explorer isn’t any different from any other program you run on your system. All of them get security holes from time to time and require patches.
Saying that, using it isn’t any dangerous than it was before the warnings, it is just that a security hole has been found, so Governments, in an attempt to help people be safe online have started to issue warnings.
I would say this is due to the internet being a necessity, more than a luxury.
It is my experience among the people I know, most of them hate paying for, and having these annoying security items popping up on their computers, so the defeat and disable them.
If I know this, the Governments really know it too after studies.
Folks get a brand new computer and turn off things like account control, password locking screen, the messages or warning that appear in browsers.
When the virus programs trial expires or free allotment, they refuse to buy it, and won’t replace it with something else.
If they do get a free one, it will be the easiest program they can find to deal with. One that doesn’t require them to bother with it.
They turn off the updates, because, these might cause them problems.
They ignore warning messages inviting them to install the new Adobe reader, for example, or set it to manual, and forget about it until it won’t work on a website or something.
After this, they load all there financial, and personal records on there hard drives and use the simplest passwords they can think of, like their names, birth dates, or just 1234.
You have all these systems that are mis managed this way accessing banks, and other institutions that are also security lax, so if internet explorer has a major hole, that hole will get exploited easy.
Well managed systems are most likely not at risk, or not at risk more than they are anyway.
If you are going to use internet explorer, or it is difficult for you to change, I’d enable all these pesky things. They are there for a reason, not to drive you crazy.
Smile.
Wisdom in Wayne's last post. Remember, this goes back as far as IE6. This is not a new loophole, but a newly-discovered loophole. Those are two radically different things.
Thanks for the information.
I have no clue of almost everything that is being said here except that I must
quit using internet explorer? Lol Never liked it when I had it anyway, it was OK
but not as good as Safari on IOS so...
I figure it this way.
a site would need to be infected.
then i'd have to go to it.
I pretty much go to the same sites fairly often, and I have yet to have problems with the ones I do go too.
yes this is a hole and will be patched. but i'm not about to stop using IE over it.
I have MS SE, Malware anti-exploit and Malwarebytes Pro. That doesn't mean I am totally amune to these types of things, but I have protection anyway.
No Dolce. It means you probably should make sure all your protection methods and programs are updated.
Read my post again, maybe that will help.
Frankly, I'm not going to use another browser, simply because I don't have the time nor inclination to learn a new one. Microsoft will patch the flaw as soon as possible, because their reputation depends on it.
I currently check for updates every time I log on, and have m s e checking for me. I don't have malware bytes yet, but will probably get it as soon as JhRadio tells me it's accessible.
The thing is: I have my old xp computer sitting right here, and would love to use it because I'm more comfortable with it. However, when microsoft does come out with a fix my xp machine is out of luck, because we don't get updates any more. Do you call that tough love?
Bob
I really never enjoyed IE; it always crashes, is slow, and those are two things you don't have to worry about when using Firefox. Firefox always loads fast and rarely crashes. If there was a way to completely uninstall IE, I would do it in a heartbeat.
I encourage anyone who wants to to stop using Google and start using DuckDuckGo.com as their search engine. No tracking and all the results are headings.
The only thing I find it doesn't search as well are Youtube videos.
Also, if you are worried about vulnerabilities use the In Private Browsing feature (control shift p) and nothing stays behind.
Frankly, people with the technical intelligence as users on this site, are not the ones the government is worried about. You may imagine that you don't know much about computers, if you think this way, but in fact you know a whole lot more than a great many users.
I'd agree with Leo.
There is a way to disable IE. You can not uninstall it, but you can disable it if you don't like it the poster that wishes.
Here is an update.
Microsoft has yet to patch its latest critical Internet Explorer zero-day security flaw, but an advisory about the bug now offers two temporary solutions.
Updated on Monday, Microsoft Security Advisory 2963983 offers new information about the new zero-day vulnerability that affects all versions of Internet Explorer. The flaw could allow remote code execution and has already been used in "limited, targeted attacks," Microsoft revealed, though those attacks have so far affected only IE versions 9, 10, and 11.
The potential reach of the bug could be widespread. Estimates of IE usage range from about 22 percent of people browsing the Web (StatCounter) to more than half of the desktop browser market (NetMarketShare).
The vulnerability is so severe that even US and UK security agencies have cautioned people using IE for now.
So what does Microsoft suggest for people who still need to use Internet Explorer? Turn on a feature called Enhanced Protected Mode. Introduced in IE 10, this mode adds an extra layer of protection by preventing malware attacks from infecting your system.
Microsoft explains how to enable Enhanced Protected Mode (EPM) in the "suggested actions" section of its advisory. The steps are outlined as follows:
1.To enable EPM in IE 10 or 11, click the Tools menu and then click Internet options.
2.In the Internet Options window, click the Advanced tab.
3.Scroll down the list of options until you see the Security section.
4.Look for the option to Enable Enhanced Protected Mode and click its checkbox to turn it on.
5.If you're running IE 11 in a 64-bit version of Windows, you also need to click the checkbox to Enable 64-bit processes for Enhanced Protected Mode.
6.Restart IE to force the new setting to take effect.
EPM is saddled with a couple of limitations. The feature supports only IE 10 and 11 and only 64-bit versions of Windows. And some websites and add-ons won't work with EPM enabled.
How do you protect yourself if you're running an older version of IE or use a site that doesn't play nicely with EPM? You can unregister an associated IE DLL file called VGX.DLL. Microsoft explains how to unregister this file in the suggested actions section.
Until Microsoft can patch this bug, the best option is to use an alternate browser such as Firefox or Google Chrome. But those of you stuck on IE can at least better protect yourself by following Microsoft's suggestions.
Credit CNET.
Bob,
You could use the older version of malwarebytes (1.75. definitions will continue to be updated even on the older version, so using that version is fine. Just be sure when you install 1.75 to tel it to not check for updates to the program. You do want it to check for protection updates though. You know the difference, right?
If you buy one license it'll cover 3 pc's. its $20 for the pro version.
I also suggest you get Malware Anti-exploit which will protect you in case of a 0-day attack.
If you look down this board, you'll see a topic on Malwarebytes on the boards that was started by Lauren. All the info for the older version is there.
I forgot to add. Protective mode is set by default in IE 11. If any one needs better directions as para blind direction, please post, and I'll explain.
For some reason, I have version 19.9. I set Windows to check for and to install updates. I'm using Windows 7. Is 11 the latest version of Internet Explorer or is there a newer one which is not effected by this loophole? I normally don't use this browser, but Firefox and NVDA have been really getting on my nerves lately. I culd also use Altare or the Samnet browser if those are safe.
Ie11 is the latest version, tiff.
firefox is up to god what is it now? something like29.0 I think.
SamNet actually runs on the Internet explorer platform.
When I checked windows update, I had three updates that were listed as important, two of them being for internet explorer. Is it possible that a pach has been sent out?
I just read a news article that said Microsoft had issued a patch.
You can read it here.
That's http://seattletimes.com/html/businesstechnology/2023508097_microsoftfixxml.html
In case the long link doesn't work.
Bob
The only patch was for flash player.
As I pointed out, Microsoft is always patching IE, but I wanted to post the warning here in case it was something major as a help service.
I'll read that article.
Says XP users get the fix too. Nice of Microsoft.
The only update I received today was for the IE flash player, so maybe it is rolling out in patches.
Good deal as always.
I just installed four patches for xp.
Yes, I just read online that Microsoft decided to let XP users have the 0 day patch too.
My spanish teacher has asked me to go on samnet to watch a movie in english that the class will be watching in Spanish next week. How can i do this safely without something happening to my system? Or has microsoft patched this particular security hole?
they came out with a patch yesterday that you should see in the "windows update" section of your computer.
Note, some websites that track the browser you use will suggest you switch. These have not been updated yet.
If you installed this weeks security patches, you are good.
I saw a restart thing come up when I w woke up yesterday morming and looked to see . yep, it installed itself.