Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT

Latest Zero-Day IE Exploit Still Vulnerable after MS Patch

  • 0
admin
Tuesday, 08 January 2013 / Published in Woo on Tech
Patched IE

According to security firm Exodus, the patch to Internet Explorer 6, 7 and 8 released on December 31 only fixed one of several ways to exploit a weakness in Microsoft’s browser. In their research on this exploit, Exodus continued to develop more aggressive ways to exploit the documented weakness and in doing so, uncovered a means that bypasses Microsoft’s fix, but are witholding details from the public until Microsoft has a chance to address their findings. A number of human rights and government sites have been compromised with malware agents that exploit this weakness and appears to be part of a larger campaign by the “Elderwood Gang” – a highly effective and well-backed group of hackers that have been targeting high-profile government sites since 2009, ostensibly with financial and espionage-based goals.

What this means for you:

Internet Explorer 6, 7 and 8 are still considered vulnerable, though no one has documented any websites yet taking advantage of the exploits discovered by Exodus. The fact that there are still holes in IE browser security will not go unnoticed, and if Exodus can develop work-arounds for Microsoft’s patch, you can bet groups like “Elderwood” will be able to do the same, if they haven’t already. Your best short-term solution is to either use another browser like Chrome or Firefox until Microsoft can fully patch this weakness, or upgrade your Internet Explorer to version 9 or 10 as soon as possible. If you are working for an organization or using software that requires backward compatibility to IE 7 or 8, you should consider having a serious discussion with the IT department about their reasons for maintaining what is increasingly becoming an untenable stance. If you are required to use IE 6 for some unfathomable reason, you should stop what you are doing immediately and consult with an IT professional, as IE 6 is a magnet for security exploits.

browserelderwoodexploitinternet explorermicrosoftpatchsecurityzero day

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP