Zero Day Exploit in Microsoft Internet Explorer – Updated!

Listen up people! Microsoft has announced that there is a “zero day” vulnerability in Internet Explorer (IE)! See here for more details: September 17 – NBCNews.com – Microsoft...

836 0
836 0

Listen up people! Microsoft has announced that there is a “zero day” vulnerability in Internet Explorer (IE)!

See here for more details:

September 17 – NBCNews.com – Microsoft urges customers to install security tool

It seems to me that you have two choices here:

  1. Go with Microsoft’s recommendation and install EMET (Enhanced Mitigation Experience Toolkit).
  2. Take my recommendation and switch from IE to an alternative browser like Firefox or Chrome.

Before you automatically go with option 1, note the following quote direct from Microsoft’s website:

“Are there any risks to using EMET?

The security mitigation technologies that EMET uses carry an application compatibility risk with them. Some applications rely on exactly the behavior that the mitigations block. It is important to thoroughly test EMET on all target computers by using test scenarios before you deploy EMET in a production environment. If you encounter a problem with a specific mitigation, you can individually enable and disable the specific mitigations. For more information, refer to the user’s guide that is installed with EMET.

Given this, I think for most people Option 2 is a better bet. I believe the alternative browsers are likely to cause fewer problems for most users than the EMET. Of course, Microsoft will never recommend any product that isn’t Microsoft so they won’t even hint at option 2 even if that’s really the best choice for you!

There are a lot of alternative browsers available. I prefer Mozilla Firefox, but I have and use Chrome as well. Both will get the job done. Whatever you choose, be aware that you may need to import Bookmarks from IE the first time you start-up the browser. After that you should be all set!

Important! Don’t go back to using IE until Microsoft releases a security update to fix this problem!

Update September 21, 2012

According to this article released today:

NBCnews.com – Microsoft permanently patches critical IE hole

If you have automatic updates enabled you should be all set. If you don’t be sure to run Windows Update to get this fix.

 

In this article

Join the Conversation