Security Weekly
Malware, Threat Management, Risk Identification/Classification/Mitigation

Internet Explorer Exploit Causes ISC Threat Level Yellow

“Infocon has been raised to Yellow due to the exploit being publicly available, combined with the lack of a patch for this specific vulnerability. Disable Javascript in your Internet Explorer browsers, or switch to another browser.”

We started Episode 3 of Security Weekly with some good ‘ole fashioned IE bashing. While we may joke about it, seriously folks DO NOT USE INTERNET EXPLORER. To exemplify our point there is an exploit floating around that allows attackers to gain remote access to your computer, and there is no patch for this vulnerability. The temporary fix is to disable JavaScript, but I strongly recommend that you use Firefox. I won’t say it to those IE users (okay, I will, I told you so :-)
Of course I am being biased and unfair, Firefox isn’t perfect either, but I still believe it to be better that Internet Exposure, er, Explorer.

Full Article

.com

Paul Asadoorian

Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering freely available shows on the topics of information security and hacking. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering freely available shows on the topics of information security and hacking. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Related

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.