mynetx

This Week’s Thoughts: Closing Internet Explorer’s Security Hole

Since one week, Windows users must fear for the their data, as it is one week ago that the latest Internet Explorer security problem came known.  A security hole that offers hackers complete access to your computer, including all data stored on your hard disk.  Experts have warned to continue surfing with Internet Explorer.  Of course, such news don’t spread a good feeling when you’re using a Windows computer.  Since last night, the security hole is finally closed.  But how can you secure your own computer?

Entry points for hackers

Internet Explorer.  Outlook.  Outlook Express.  Windows Mail.  Windows Live Mail.  Microsoft Help System and the Microsoft Sidebar.  There are a half dozen of commonly important programs and features in Microsoft Windows that have become attackable.  That is very dangerous, which is why everybody is concerned about it.  Even several governments, like the German Federal Office for Security in Information Technics (BSI), have intensely warned about the security holes.  The “easy” solution:  Don’t use Internet Explorer—or at least use it in the so-called Safe Mode, so the danger can be reduced.

Alarm Level Red

The malicious thing about the current security hole: It is sufficient to navigate to a modified website—and the hole can be abused.  You won’t notice anything, you cannot see it on the site, maybe not even the site owner knows that their site is being abused for such purposes.  A nightmare concerning security.  Absolutely.

Quick Reaction by Microsoft

But gladly Microsoft reacted quite fast this time.  Within few days, the developers have removed the security holes.  Now the patches only have to find their way on your computer.  You have to install an update.  Some computers do that automatically, but I wouldn’t rely on that.  Luckily it is not very complicated to install the security update.

How to Fix the Hole

And this is how you can fix the security hole on your Windows computer: In the Start menu, call the “Windows Update” feature.  There is also a menu entry in Internet Explorer.  The computer then searches for current updates and important patches that you can download with one mouse click.  It will only take some minutes.  If you are advanced and want to learn more details: On its homepage, Microsoft explains all changes detailed and informs which holes have been closed.  After the update, your Windows computer is safe again—and you can continue to surf with Internet Explorer.

By the way: Not every security hole gets as prominent as the latest.  Nevertheless, there are lots of them.  That’s why you should run Windows Update on a regular basis, perhaps once per week.  It won’t take long—but you will be safe.

Using Alternative Browsers

With or without a known security hole: It can’t hurt to play around with other browsers as well.  Whether Firefox, Opera, Safari or Google Chrome: There are lots of possible alternatives.  If you test a different browser when it is calm and have it already installed, then you don’t have to waste lots of time looking around for an alternative when you mustn’t use Internet Explorer for a while.

Firefox

Largest competition for Internet Explorer: without a doubt Firefox.  Version 3.6, even faster, has only been published yesterday.  You should simply take a look at this browser.  Just download it for free and check it out, then it will be available anytime.  But other browsers like Safari, Chrome or Opera are interesting as well and have many fans.

Security Holes in Other Programs As Well

To stay fair: Over the past year, it was not Internet Explorer being the software with the most newly found important security holes, but a different software—Adobe Reader.  Nearly everybody has it installed, because it serves for viewing PDF documents.  Thus, it has become a favorite target for hacker attacks.  Many people just don’t think about that.  My tip: Keep important default programs, like Adobe Reader, up-to-date as well.  Just call the update feature within the software…

2 comments

  1. “This time” Microsoft reacted quickly. This is not normal behavior for them. They will completely ignore vulnerabilities as long as they are not being actively exploited in the wild and affecting millions of systems. There have been instances where they have waited up to 8 YEARS to release a fix for a known problem. Using another browser as your default is an EXCELLENT choice, since all others seem to take security seriously and they patch holes AS THEY ARE FOUND. They also don’t try to bury vulnerabilities when they are discovered which is the normal first tactic by Microsoft.

    All other software can also be affected by security holes. I would recommend installing the Secunia PSI to scan installed programs to identify those with known security holes. It also provides a means for downloading and installing the required patches for these programs. It is one of the best ways to keep on top of all of the security issues with your programs.

Comments are closed.