On December 19, Microsoft announced the release of a security patch to combat a security hole in its Internet Explorer browser. This “out of band” patch was issued outside of normally scheduled patch distributions, indicating an urgent reaction to a previously unseen “zero day” security exploit.
Per the statement and accompanying advisory, “a remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.” Using this vulnerability, bad actors have set up malicious web sites. Once unprotected IE users go to these sites, attackers can install malware, access data, create accounts with administrative rights, and more. The advisory indicates that the issue is active, has been seen in action, and has been reported to Microsoft by Google.
The critical security hole affects IE versions 11 from Windows 7 through Windows 10 on end user systems. It likewise affects IE installations on Windows servers, as follows: IE 11 on Windows Server 2012, 2016, 2019; IE 9 on Windows Server 2008; IE 10 on Windows Server 2012.
Per Microsoft, users who have enabled Windows Update and have applied the latest security patches are protected. Windows 10 users who have not enabled updates can manually apply updates here. Users of earlier versions of Windows can manually apply updates here.
ACA Aponix Guidance
ACA Aponix recommends taking the following precautionary measures regarding the Microsoft IE vulnerability:
- Ensure that the Microsoft IE patch has been applied to all instances of IE across the organization. Push patch updates as necessary; when needed, enable technical support resources to help users make necessary changes.
- Conduct vulnerability scanning to determine if unpatched instances of IE are exposed within the organization.
- Block outbound internet, where possible, on servers.
- Closely monitor logs and other reporting tools for unusual activity.
- Train staff to recognize and not fall prey to phishing and other social engineering schemes.
How ACA Can Help
ACA Aponix offers the following solutions that can help protect your firm and your employees from breaches, or related cybersecurity risk:
- Threat intelligence
- Phishing testing and cyber awareness training
- Cyber incident response planning and tabletop exercises
- Penetration testing and vulnerability assessments
- Cybersecurity and technology risk assessments
For More Information
If you have any questions, please contact your regular ACA Aponix consultant, or email us at firstname.lastname@example.org