Nerds On Site

Internet Explorer Security Vulnerability

The recent zero day security hole in Internet Explorer is a serious concern as it can allow a malicious website to get access to your computer.
Microsoft is currently working on a patch but until this is released they recommend several workarounds, I have pasted from their security advisory at the bottom, however these workarounds are not easy for a novice user, particularly because to choose one of them requires that you be able to evaluate which is the best for your own environment.
An easier option would be to install an alternative web browser, here at Nerds On Site we prefer Firefox which is recommended by such security researchers as Steve Gibson of Security Now podcast.
Here is the excerpt from Microsofts security advisory showing the available workarounds:

Based on our investigation, setting the Internet zone security setting to High will protect users from known attacks. However, for the most effective protection, customers should evaluate a combination of using the High security setting in conjunction with one of the following workarounds.

Disable XML Island functionality
Restrict Internet Explorer from using OLEDB32.dll with an Integrity Level ACL
Disable Row Position functionality of OLEDB32.dll
Unregister OLEDB32.dll
Use ACL to disable OLEDB32.dll

For additional workaround details, please see the following post: http://blogs.technet.com/swi/archive/2008/12/12/Clarification-on-the-various-workarounds-from-the-recent-IE-advisory.aspx#workarounds.
Each of these workarounds is equally effective in protecting customers; however, each workaround has different impacts based on the environment in which they are applied. We encourage customers to evaluate which of the workarounds would be least impactful to their environment, based on the impact statements included with each workaround.

Leave a Comment

Your email address will not be published.

Scroll to Top