How to protect yourself against the zero-day exploit for Internet Explorer 6 to 11

A new Zero-day vulnerability in the Internet Explorer affects all IE Versions from 6 to 11 and is being exploited in limited and targeted attacks. This vulnerability, identified as CVE-2014-1776 ,could allow remote code execution even if the user doesn’t click on anything. Remote code execution means that attackers could distribute malware via a drive-by installation.
The bad news is there is still no patch at the time writing this article.
The good news is that the attacks seen in the wild so far seem to have relied on hitting IE 9, 10 and 11, using Adobe Flash as a lever. This doesn’t mean that the older versions are not being hit. It can be that the efforts of the cybercriminals are focused on the masses which have IE 9 and newer.

 

How can you protect yourself

The current exploit can be mitigated by disabling Adobe Flash Player, which is the vehicle used in exploiting the IE flaw. Note that the bug isn’t in Flash, so this is not something Adobe can fix, nor its it Adobe’s fault (as unbelievable as it may seem). Using specially crafted Flash files can help attackers prepare the contents of the memory on your computer in order to make a successful attack possible.

Additionally, you should configure that IE asks you when a page requires Active Scripting. Ideally, you should disable active scripting, but many websites will simply not function if this is activated. You have to change the settings by going in IE’s settings, click on Security, Custom Level and scroll down to the Scripting area.

activescripting

The probably better option is to deploy the latest version of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). The utility contains security mitigation technologies that can protect the software running on your computer against attacks, even those that target Windows XP systems.

emet
Just installing the application with default settings will give you some peace of mind.
Once Microsoft fixes the problem, you’ll have to update your Windows.

Of course, the last solution is to stop using Internet Explorer (you can’t uninstall it) and use an alternative browser. There are plenty out there, but start your search from Google Chrome, Mozilla Firefox, Opera.

 

What about Windows XP?

Well, XP is also vulnerable, and unfortunately, it will remain like this. This means that Microsoft will not push the updates to this operating system, once they are available.

However, by using the mitigation techniques presented above you can still secure IE running on Windows XP as well.

Read more about Windows XP in this article.

 

 

Sorin Mustaca

IT Security Expert