Zero-Day Internet Explorer Vulnerability

First of all – what does zero-day mean? It is the day a vulnerability was found. If a bug was around for 10 days it would be a 10-day vulnerability. Usually a fix will be developed in the form of a patch or workaround.

A zero-day exploit means an attack takes place the day a vulnerability is discovered.

On March 30, 2019, two zero-day vulnerabilities were discovered in Microsoft EDGE and Internet Explorer. Without getting too technical, the behind the scenes code of the browser can occur when you visit a malicious site and some of the same origin policy code allows other sites to intervene. When working correctly, it would prevent other sites from accessing your information.

Another vulnerability is related to MHT files. Internet Explorer can still read MHT files. If you are using Outlook, you may see this above an email: “If there are problems with how this message is displayed, click here to view it in a web browser.” It will then open in IE even if you are using Windows 10 with Edge. If the MHT file is infected you will have problems.

To prevent programs from opening IE, you can go into “Programs and Features” in Control Panel and then to “Turn Windows features on or off” and uncheck Internet Explorer 11. Restart your computer.

Trend Micro Blog

End of the Line for Windows XP

Microsoft will end support for Windows XP on April 8, 2014. So what does that mean?

It really means a lot and is a big deal, volumes have been written, lawsuits are beginning from companies that claim they have custom software that can’t be migrated and on and on and on. So here are few points to consider from some one that loves his Dell 4400 laptop that can’t be upgrade so it now sits in a bag.

1. There will be no more security updates or patches for XP or the IE browsers that run on XP!
2. Much of the newest web technology will not display or run correctly on older IE browsers that XP supports.
3. Your favorite software programs may not continue to to be supported and updated.
4. Older versions of IE that XP will run are already security risks and will continue to degrade.

Microsoft is almost begging people to upgrade to Windows 8 and will pay you to do it, they are offering a $50 gift card if you buy a new machine with Windows 8.

If you decide to keep running XP consider the following suggestions:
1. Run the machine offline, if you do not need the computer in question to be online then physically take it offline (unplug it!)
2. Quit using IE and switch immediately to the latest version of the Firefox or Chrome web browser and keep it updated.
3. Obtain and deploy the latest greatest anti-virus software and run it and keep it up to date.
Remember: There will be no more security updates or patches for XP or the IE browsers that run on XP!

It is estimated that there are approximately 18,000,000,000 (18 million) computers world wide that will still be running XP on April 9, 2014 which is a huge target for Malicious Software Developers (hackers and virus developers) and they will go after these machines.

The decision is yours but Remember, There will be no more security updates or patches for XP or the IE browsers that run on XP After April 8, 2014!

~ Jody Victor