computer virus services savannah, IP security services

There’s been a new type of attack in the wild that Microsoft’s Security Research & Defense blog describes as a “browse-and-get-owned attack vector”.  This only effects Windows XP machines and Server 2003 machines, but Microsoft recommends that users patch Windows Vista and Server 2008 to be safe.

So how does this attack occur and why should you be concerned? For this attack to be successful, the user simply has to open an email or browse to a website that opens a Video ActiveX Control. A malicious payload of the attacker’s choice is then downloaded onto the user’s system. This could be anything from annoying adware to password stealing programs that could allow an attacker to steal your online banking or Paypal credentials.

Currently, there’s no official patch for this exploit but there is a workaround that was just released. The workaround disables this particular ActiveX control in Internet Explorer. This will not degrade the end users experience because there is no legitimate need for this particular ActiveX control in Internet Explorer to begin with. The next round of patches are due from Microsoft on July 14th, which may or may not include a patch for this very serious security risk.

In the mean time, Falcon Worx recommends that all of our customers and friends visit the Microsoft’s Security and Defense blog to download the work around for this exploit. Go to the bottom of the page and click the “Fix It” image. Download the .MSI file, and just click “Next”. Yes, it’s really that simple!

Once again, this is an example of how Falcon Worx uses a proactive approach rather than a reactive approach. Why wait UNTIL you have a problem? Take care of the problem BEFORE it can occur, protecting your company from downtime! If you need assistance implementing this workaround, contact us to setup an appointment!

DOWNLOAD:

Microsoft Security Research & Defense Blog