Yes Again! Hackers Exploring Exploit of Explorer. Flaw in Versions 6 Thru 11 Puts Half the Planet’s IE Browsers at Risk.

Posted on April 28th, 2014 by Dan Rampe


Heartbleed was “so last week.” Maybe that’s why the tech gods decided to send us another little thunderbolt. And this one may not be that little.

The security firm that first discovered the flaw said that hackers are primarily concentrating their efforts on IE 9 through 11, though no version of Explorer is exempt from attack.

To exploit the flaw, the hacker requires the user’s cooperation. That is, the user must click on a link or open an attachment. Once inside, the hacker can install malware, which, Microsoft explained, makes it possible for the hacker to “gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

According to a piece on washingtonpost.com by Gail Sullivan, Microsoft says once it finishes its investigations “it will issue a fix for the problem, either in a monthly security update or a special security update.”

Till the fix is available, Microsoft suggests downloading its Enhanced Mitigation Experience Toolkit version 4.1 to help guard against attacks.

FireEye, which discovered the flaw, suggested disabling the Adobe Flash plugin (the attacks won’t work without it) and running IE in enhanced protection mode (only available in IE 10 and 11) for maximum protection.

If you’re still running XP, the best advice is to cross your fingers and hold your breath or use Firefox, Chrome or another browser. That’s because short-term solutions don’t work and Microsoft won’t be releasing patches.

If your OS is a later version that will be covered by a patch, you’re still not out of the proverbial woods. You see, about 10 percent of government computers still run XP. That, according to the Washington Post’s Craig Timberg and Ellen Nakashima, includes thousands of computers on classified military and diplomatic networks.
