This blog post is a re-post from the Shavlik blog. You can view the original post here.
By: Jason Miller, Manager, Research and Development at VMware
There has been some chatter in the past few days regarding a zero-day vulnerability in Internet Explorer that is currently being exploited. Microsoft released a new security advisory (2757760)for this vulnerability. Internet Explorer versions 6, 7, 8 and 9 are affected by this vulnerability. Internet Explorer 10, which is bundled with Microsoft Windows 8 and Server 2012, is not affected by this vulnerability.
Microsoft has a few suggested actions to mitigate against attacks on the vulnerability. First, administrators can deploy the Enhanced Mitigation Experience Toolkit (EMET). This workaround cannot guarantee an attacker will not be successful on attacking this vulnerability, but EMET will make attempts difficult for attackers.
You can also set your Internet Explorer security settings for AcitveX Controls and Active Scripting to ‘High.’ This will help protect against attacks, but this setting will present many issues for users. Many web pages will not properly display information due to the restricted security settings.
The next Patch Tuesday is still 21 days away and I am expecting a bi-monthly cumulative update for Internet Explorer during the October 2012 Patch Tuesday. That is quite a bit of time between a potential security bulletin release and a zero-day vulnerability that has attacks against it.
In the meantime, there are a couple of other steps you can protect against exploitation on your network. First, ensure you have an anti-virus program with up to date definition files on all of your servers and workstations. Many anti-virus vendors have this current threat in their detection logic. Other viruses could be coming in the near future, but anti-virus vendors are aware of the situation and keeping an eye on the threat landscape.
Another step you can take is to use a different browser in the meantime. This is going to be very difficult for organizations. First, administrators will need to deploy a non-Microsoft browser to all of their users. Second, administrators must find a way to enforce the use of the non-Microsoft browser on all workstations. This in itself is almost impossible. Using a non-Microsoft browser in the meantime will be easier for home users.
Stay tuned to Microsoft and here for any new information coming forth on this newest threat.
– Jason Miller
To learn more about VMware Go Pro, please visit go.vmware.com.
You can also access a free 30 day trial of VMware Go Pro here.