On April 26, Microsoft notified customers of a vulnerability in Internet Explorer that affects browser versions 6 through 11. This vulnerability has the potential to allow attackers to run malicious code on vulnerable machines when users visit compromised or malicious websites. The Department of Homeland Security confirms that they are aware of active exploitation of this vulnerability in the wild. Continue reading “Avoid Internet Explorer until vulnerability fixed”
Tag: Internet Explorer
Before people escape to their spring break destinations, be aware that Internet Explorer version 6 (IE6) and version 7 (IE7) will be upgraded to version 8 (IE8) at K-State on April 1 for security and application compatibility reasons. Since the original announcement, no one has raised any issues against the upgrade — on the contrary, many have applauded the move. Thus, we plan to proceed with the upgrade as originally planned.
This update will be applied to university computers that use the central WSUS server. System administrators who manage their own WSUS servers are encouraged to apply the update as well. Computers that do not have Microsoft patches managed by any WSUS server should manually update to IE8 if they have not already. If you are unsure what category you fit into, contact your IT support person or the IT Help Desk.
Internet Explorer, the most widely used web browser in the world, has often been in the news of late because of its involvement in the recent, well-publicized hack of Google and other corporations, allegedly by the Chinese government. Since a vulnerability in Internet Explorer 6 (IE6) is alleged to be one of the ways the hackers got into Google’s network, Google has joined the chorus of companies planning to phase out support for IE6 and are urging users to upgrade to Internet Explorer 8 (IE8). That chorus includes Facebook, YouTube, Digg, some European governments, and even Microsoft itself. There was even an “IE6 Must Die” petition on Twitter.
Now K-State is joining the chorus too. SIRT is proposing that on April 1, remaining instances of IE6 on campus be upgraded to IE8. For campus computers that use K-State’s central WSUS server, this update will be pushed automatically. System administrators managing their own WSUS environment or using some other way to manage application updates on Windows computers are urged to do the same.
If you have concerns about this update being pushed to campus computers on April 1, please discuss it with your SIRT representative or Harvard Townsend, K-State’s chief information security officer and chair of SIRT.
At noon today (Tuesday, July 28), Microsoft releases a rare “out-of-band” security patch that includes a critical security patch to Internet Explorer and a patch for Visual Studio. Due to the security risk, details of patches are typically not disclosed until the patch is released, so we cannot yet assess the risk to K-State. However, the fact that Microsoft issued this patch before the regular second-Tuesday-of-the-month patch release implies a serious threat. Thus, K-Staters are encouraged to apply the patch when it becomes available. For most people, this will happen automatically.
During the course of any web-browsing session, you may end up with several telescoping treks into many different sites. An alternative to opening 20 windows is to use browser tabs instead.
Browser tabs are supported in every major browser (Internet Explorer, Mozilla Firefox, Google Chrome, Opera, Safari). Think of a tab like adding a new page to the current window that can have a completely different website loaded in it.
For example, here’s a screenshot of my current tabs in Firefox:
Not only do browser tabs simplify your browsing experience, they can also save system resources and time. For instance, if you frequent a website that is slow to load, you can flip to a different tab and read that webpage while the other one loads.
Continue reading “Simplify Internet browsing by using tabs”
On March 19, Microsoft released Internet Explorer 8 (IE8), its next-generation web browser. While it has several useful security features, people should talk to their IT support staff before switching to IE8 since it has not been thoroughly tested with K-State enterprise applications like iSIS and K-State Online.
Recalling the application incompatibilities experienced when IE7 replaced IE6; proceed cautiously with plans to upgrade to IE8. Microsoft did try to deal with the IE6-to-IE7 fiasco this time by including a “Compatibility View” in IE8 that should correctly display pages incompatible with IE8, but again this needs to be tested thoroughly.
To assist in the battle against malware that daily threatens K-State computers, Web Reputation Services (WRS), also known as “Web Threat Protection Services”, was enabled last week in K-State’s Trend Micro OfficeScan for those managed by the central IT Trend Micro server. WRS augments the antivirus and antispyware protection already offered in OfficeScan to add another layer of prevention against the rapidly evolving, increasingly sophisticated, quickly spreading, and growing number of malicious threats faced by K-Staters as they browse the Internet.
Web Reputation Services works by checking every web address you attempt to visit in a web browser and blocking access to those found in a list of known malicious sites. WRS works with all major web browsers, including Internet Explorer and Firefox.