Microsoft patch is imminent, but here's a checklist for locking down in the meantim.Microsoft today confirmed it will release an out-of-band emergency patch for the previously unknown Internet Explorer vulnerability that was abused in the attack against Google and others, and amid concerns the threat could be used for more widespread attacks.
The so-called "Aurora" attack exploit on IE 6, which was unleashed in the wild late last week, has raised alarm as researchers demonstrated the exploit code can be retooled to attack IE 7 and IE 8 as well, and can bypass Data Execution Protection (DEP). So far, just a few attacks have actually been spotted in the wild, according to Websense.
Though the exploit is just one piece of the puzzle in the attacks out of China, it's what we know for now and can at least try to mitigate, security experts say.
So with the exploit code taking on a life of its own and an IE patch on the horizon, how do you protect your computer in the meantime? Here are some steps Microsoft and other security firms recommend you can take now to help defend yourself:
1. Upgrade to IE 8 if you're an IE shop.
Despite concerns that IE 8 also could be compromised by the attack, Microsoft is still recommending the newest version of its browser as the safest.
Dino Dai Zovi, a security researcher and co-author of The Mac Hacker's Handbook, warns, however, that IE 8 on Windows XP SP3 isn't safe from this exploit, thanks to the latest research findings. "IE 8 on Windows Vista SP1 and above or Windows 7 is considerably more difficult to exploit," he says.
2. Enable DEP in IE.
DEP is automatically enabled in IE 8 on XP SP3, Vista SP1, Vista SP2, and Windows 7, but other versions of the browser require manually selecting DEP.
3. Run IE in Protected Mode on Visa and newer versions of Windows.
Microsoft says doing so limits the "impact" of an attack on the flaw.
4. Warn users about suspicious links that could be used for this attack or Websites containing online ads or user-generated content.
A user has to click on the malicious link to get infected with the malware, so remind people to be careful about links in email and instant messages, and to take care on the Web.
5. Limit user privileges.
If an attacker victimizes a user with administrative rights, then he would have the same access as that user.
6. Set Internet zone security in IE to "high."
7. Update all third-party applications with the latest versions and patches.
"Asking people to use a browser [other] than IE is not going to help one bit, unless the user also patches all other programs," says Thomas Kristensen, CSO at Secunia. "The reason is actually quite obvious -- more than 60 programs are installed on the average PC, approximately one out of five programs on the average PC are vulnerable, [and] some of these programs go unpatched for months, even years."
netizens left a footprint.