What has been happening today with security on Internet Explorer? I have downloaded Firefox instead, but do I need to get rid of Int. Expl.? Also do I need to change passwords and things? Is it safe to shop online through firefox now? Sorry for all questions – v clueless!
It appears that there is a zero-day (meaning still-unpatched) vulnerability in Internet Explorer that is being exploited by malicious websites to infect users computers. It’s not at all unusual for malicious software to target browser vulnerabilities, but many infections can be avoided by keeping one’s software up to date with the latest updates and security patches.
In this case, no update currently exists that immunizes users against the attack, so infections which exploit the vulnerability may spread quickly to users who visit webpages that have been compromised, if they are using Internet Explorer.
Microsoft currently recommends changing your security settings for IE to ‘High’ while the company works to produce and deploy a security update, but you may also be protected from this particular type of exploit by using Firefox or another web browser. Bear in mind that many compromised websites can detect the browser that you use, and deliver customized exploits accordingly – no matter what browser you use, be sure that you apply security patches as they become available.
Brandon is correct. Based on the articles and posts I have read, Microsoft does not have a patch as yet. I would suggest that using a different browser (I recommend Firefox) will definitely help you to a certain extent.
However, it is important to be careful when online to be completely secure. Google warns its users about potential bad sites that are known to infect computers. I think Live search also started alerting its users of potentially harmful sites. So paying attention to these things will help.
Make sure your anti-malware software are up to date so you are prepared to detect and hopefully remove malwares in case of an infection. If a site prompts you to install something, be wary and only install something that you intend to install. If you are not sure, try and search for answers on google to make sure the application the website is trying to install is legit.
The problem though is that this sort of thing continues to happen. The hackers find some new exploit and the security "experts" fix it after some research. The best means of preemptive protection are to generally use a browser with good security features. IE CAN be a good browser, but most people don’t know how to use it outside "default" mode. Firefox is my personal favorite. I use NoScript and AdBlock Plus to prevent any script from running that I don’t want. I’ve only seen it circumvented in 1 instance and I was still required to click the "install addon" button (which I didn’t.) I haven’t had that happen since (they’ve greatly improved XSS security.)
There’s more protection though past the browser too:
Comodo has a personal firewall, anti-virus AND script blocker (kernel level) all for free (not "free!") I personally only use their BOCore (script blocker) program, but they are generally one of the fastest groups to update their database.
These are my personal preferences, nothing’s guaranteed though.