Earlier this week, Homeland Security issued a statement warning Americans against using Microsoft’s Internet Explorer. The reason for the ban? An exploit that allowed hackers to adopt the rights and permissions of a user to potentially take over a PC. This caused a ripple of panic across the internet at the implications of such a large vulnerability.
To start with, most non-computer savvy users use only one account and give it administrative rights to install programs. On an infected machine, a hacker would gain administrative privileges and be free to do as they wished with the PC.
According to Microsoft:
“…An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
That cause even bigger problems for businesses that dealt in confidential data. Someone could go into their systems and delete entire databases of information or expose highly confidential information.
Thankfully, Microsoft acted quickly (once the exploit was made public anyway) to fix the issue, releasing multiple updates for all Windows platforms from XP onwards. People are encouraged to update their machines as soon as possible. However users are getting tired of the constant security scares. First Target and Heartbleed, now Internet Explorer. What will we do when there’s nothing secure left?
Sources:
http://mashable.com/2014/04/28/internet-explorer-bug-how-to-protect/
http://www.reuters.com/article/2014/04/28/us-cybersecurity-microsoft-browser-idUSBREA3Q0PB20140428
http://www.pcworld.com/article/2148921/dhs-warns-against-using-internet-explorer-until-bug-is-patched.html
http://www.pcworld.com/article/2148368/new-internet-explorer-zero-day-puts-web-at-risk-and-xp-isnt-getting-a-fix.html
https://technet.microsoft.com/en-US/library/security/2963983
http://www.syracuse.com/news/index.ssf/2014/04/internet_explorer_bug_no_fix_xp_hacker_control_pc.html
http://www.dailymail.co.uk/sciencetech/article-2618102/Microsoft-FINALLY-fixes-Internet-Explorer-bug-days-Government-warned-computer-users-to-abandon-browser.html
http://www.usatoday.com/story/tech/2014/05/01/microsoft-issues-internet-explorer-security-fix/8562737/
http://www.pcworld.com/article/2150248/microsoft-backs-down-will-fix-internet-explorer-vulnerability-even-on-windows-xp.html