It seems with each passing day, there’s something else for Web users to worry about. Whether it’s the prospect of government spying or plain old security issues, no one is safe from what’s out there. That became abundantly clear recently when Microsoft revealed that a zero-day exploit is affecting Internet Explorer and wreaking havoc on some users’ machines. What’s worse, since the software giant is no longer patching Windows XP, finding a fix for that operating system is a pain. Still, there are ways for Windows users to safeguard themselves from the possible issues associated with the latest zero-day exploit. Having updated security software will help, as will not trusting Adobe’s Flash, which always seems to be a bit of an issue for security-seekers. It’s also a good idea to be wary of links in emails until this issue has been resolved. In other words, it’s time for a refresher on keeping yourself secure. Read on to find out how to protect yourself from the latest Microsoft zero-day Internet Explorer exploit.
10 Ways to Protect Yourself From the Zero-Day IE Exploit
By Don Reisinger
Don’t Use Internet Explorer
Here’s an easy way to safeguard yourself from this latest Internet Explorer threat: Don’t even open up Microsoft’s browser. Since IE is at the center of the exploit, by ditching the browser, there’s no chance of being affected by this exploit. It can’t get any easier than that.
Get Off Windows XP
Since Microsoft ended support for Windows XP earlier this month, those still using the platform shouldn’t expect a patch from the software giant. And while there’s a fix that can mitigate this issue (more on that in a bit), getting off Windows XP to sidestep any other issues that might crop up and affect users of the operating system might be a good step.
Ditch Adobe Flash
According to the security community, Adobe Flash is also at the center of this exploit. In fact, hackers who have so far exploited the threat have used Flash to break into user computers. By eliminating the use of Flash, this issue is all but dead. Not bad.
The Enhanced Mitigation Experience Toolkit (EMET), a collection of tools specifically designed to limit exploitation on Windows, is compatible with Windows XP and kills the hack. So, as long as Windows XP users can get EMET running on their machines and working with Internet Explorer, the issue should be effectively mitigated.
Update Security Software Definitions
Many of the most popular security tools out there, including those from Symantec, are capable of handling this zero-day exploit. Indeed, as long as users have their security definitions up-to-date, they shouldn’t experience any issues with this latest threat. So be sure to have solid security programs that are up-to-date.
Users need to stay informed of what’s going on in the security space. Over the next several days and perhaps weeks, users should endeavor to learn everything they can about the zero-day exploit to ensure it doesn’t morph into something bigger and even scarier. Keeping up on the news is one of the best ways to stay ahead of security threats.
Watch Out for Odd Sites
According to Microsoft and security experts, some hackers have set up fake Websites designed specifically to target the unwitting Web user. It’s important, therefore, that Web users be on the lookout for sites that don’t appear to be legitimate. If a site doesn’t look like it’s legitimate, chances are it isn’t.
Don’t Trust Email Links
Hackers are also using email links to get unsuspecting users to malicious pages. Don’t click on links in emails from those you don’t know. It’s also a wise idea to be suspect of links in emails from people you do know. Phishing scams are waiting for us at every corner. Beware.
Run in Restricted Mode on Windows Server
Windows Server has its own built-in protection against this exploit: Restricted Mode. As long as a given server is running in Restricted Mode, users should have no issue with the exploit, since the feature wouldn’t allow the malicious code to run. Luckily, Restricted Mode is always on by default.
Keep Newer Windows Versions Updated
Although Windows XP can’t be updated with new software from Microsoft, newer versions of the operating system can. So it’s important to keep newer Windows versions fully patched. It’s likely that Microsoft will launch a patch to this flaw soon, requiring an update. Be sure to download that update when it’s made available.
Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis’ Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.