WARNING: If you are using Internet Explorer, you are at risk!

If you are using Internet Explorer and you go to an infected website (accidentally or purposefully) you are likely to have your computer ‘hacked’ – as it is known amongst non-tech folk. Switch to something better like Google Chrome. You’ll love it. I promise!

A bug has been recently found that shows anybody using the default web browser of Windows, Internet Explorer, is vulnerable to having their computer taken control of by malicious websites developers. This bug allows remote execution of code giving malicious users access to pretty much everything on your computer.

Internet Explorer 6 through to 11 are affected and this is the case no matter what version of Windows you are using. Yes, even if you’re using Windows 8.1 !

Download Google Chrome or Mozilla Firefox. You can transfer all of your bookmarks too!
Here’s a link explaining how to download and set up Google Chrome

ie2

For those interested – the exploit “is a “use after free” attack in which memory objects in the browser are manipulated after being released. The attack bypasses both DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization).”

The specific exploit, according to FireEye, uses an Adobe Flash SWF file to manipulate the heap with a technique called heap feng shui. Neither Microsoft nor FireEye says it, but this implies that systems without Flash installed are not vulnerable to the specific exploit, although they are to the underlying vulnerability in Internet Explorer. Internet Explorer 10 and 11 come with Flash embedded, so they are vulnerable by default.

ZDNet

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s