Threat level goes HIGH, as Microsoft readies fix for critical Internet Explorer security hole

Filed Under: Featured, Malware, Microsoft, Vulnerability

Pressure meter. Image from ShutterstockExperts at SophosLabs have raised their threat level to "High" in response to an as-yet unpatched security vulnerability in Internet Explorer.

The zero day threat, which was uncovered at the weekend and impacts most versions of Windows, has already resulted in the German government advising users to stop using Internet Explorer.

The rise in the SophosLabs internet threat barometer comes in response to in-the-wild detections that the team has seen in attacks exploiting the CVE-2012-4969 vulnerability in Microsoft's popular web browser.

SophosLabs defines various threat levels from "Low" to "Critical", based upon the prevalence of malware, spam and web threats, and intelligence regarding new vulnerabilities.

Judged on its own, SophosLabs rates the Internet Explorer vulnerability as critical - but the seriousness of the threat means that our experts rate the threat level on the net as a whole as "high".

At the time of writing, Microsoft has only published details of temporary workarounds to reduce the chances of computers being exploited by the vulnerability, but it's clear that the ideal solution would be an official patch for Internet Explorer.

The good news is that Microsoft is working on a fix.

Yunsun WeeYunsun Wee, a communication director at the Microsoft Security Response Center, has said that the company plans to release a "Fix It" within the "next few days".

"The Fix it is an easy-to-use, one-click, full-strength solution any Internet Explorer user can install. It will not affect your ability to browse the Web, and it will provide full protection against this issue until an update is available. It won't require a reboot of your computer"

If you can't wait for a fix, or if you don't like Microsoft's suggested mitigation workarounds, then the only sensible option is to use another browser.

Unfortunately, that's not an easy option for companies in particular to take.

(Customers should note that Sophos products protect against the vulnerability detecting attempts to exploit it as Exp/20124969-A - however, we would still recommend that IE users apply the security patch as soon as it is released by Microsoft).

Pressure meter image from Shutterstock.

, , , , ,

You might like

5 Responses to Threat level goes HIGH, as Microsoft readies fix for critical Internet Explorer security hole

  1. MikeP · 771 days ago

    That M$ have known of this for four months already and not released a patch is seriously worrying.
    It is yet another reason why, in my view, MS should have been made to disconnect IE from all Windows OSs. That way we could be safer by uninstalling IE and using other browsers which may be more secure. Other operating systems can manage perfectly well without having something as flawed as IE built in, though all have some form of communications method to receive updates, etc. But it seems they are less (?) vulnerable to security errors and flaws.

  2. JimboC · 771 days ago

    Hi MikeP,

    Windows 7 allows the user to uninstall Internet Explorer and remove it from the OS if they wish. Here is an article that explains how to remove the pre-install IE 8 from Windows 7:
    http://www.howtogeek.com/howto/2734/uninstall-dis...

    Microsoft is not unique in bundling their browser with their OS. Apple do the same with Safari in Mac OS X. Since Apple fixed 163 flaws in iTunes with the recent 10.7 update (which also relies on the Webkit rendering engine, the same as Safari), you could also take the same view that Apple should also allow its user to remove Safari.
    http://threatpost.com/en_us/blogs/apple-fixes-hug...

    Since everyone has the choice to use the browser they wish and uninstall IE from Windows, I don't see the problem.

    Thank you.

  3. roy jones jr · 771 days ago

    @MikeP
    Well no software is perfect. While it may 'seem' others are less vulnerable, it just may mean they hide their issues more. Microsoft works on patches and releases them. Thats how future maintenance for software works in IT. No one has a crystal ball.

  4. Anonymous · 771 days ago

    Sorry, but I am not tech-savvy yet have so many (dumb) questions about this that I don't know where to begin.

    Here goes;

    1. How is this malware spread? Is there a semi-obvious sign, such as a Flash update pop-up that appears on your screen? Or can you get the malware just by using IE?

    2. How would the technologically-dense person know if he has the malware? If he had stupidly used IE in the day(s) BEFORE he read this article, should he err on the side of caution and assume that his computer is infected?

    3. If your computer is infected, should you flatten and rebuild (clean wipe) your computer and then avoid IE until Microsoft releases a stable security patch (not just the quick fix that's mentioned here)? Or will the stable security patch (hopefully) completely remove the malware and so eliminate the need to flatten and rebuild your infected computer?

    4. Can current antivirus software prevent the malware from loading on your computer, even if you've clicked on something (e.g., a pop-up masquerading as a Flash update) or used IE?

  5. Computer Slogger · 771 days ago

    "Unfortunately, that's not an easy option for companies in particular to take."

    This is an understatement, to say the least. Everyone who posts things like "Who uses IE anymore?" is totally disconnected from the business world. Here, we are locked in to decisions made a long time ago when it was decided to put browser front ends on applications, even before the mass movement of applications to the "Cloud". (Don't even get me started)

    As far as universal adherence to standards that would have made true browser choice a reality, that train left the station years ago. We may get closer to it going forward but it will be a long time after it is theoretically possible before vendors update their applications so that we aren't forced to continue on using IE8 in order to fully access all functions of the vendors applications.

    Computer Slogger

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.