As you may have read in mainstream news media outlets, a security vulnerability was recently discovered in Internet Explorer which could allow a remote attacker to execute code on a compromised system. This vulnerability is being actively exploited through Flash-enabled web sites. The vulnerability allows an attacker to execute code on the compromised system and gain access with the same level of permissions as the system user.
Microsoft is releasing patches to address this vulnerability. Middlebury’s network has enhanced security protections already in place.
Here are some protective steps that you can take on your own:
- Patch your newer Windows systems with Windows Updates.
http://www.update.microsoft.com - Patch Windows XP systems with Microsoft’s “Fix-It” tool.
http://support.microsoft.com/kb/2847204 - Use a different web browser like Firefox, Safari, or Chrome.
- Disable the Flash plug-in in Internet Explorer.
More information about the vulnerability is available on the LIS Information Security web site’s ‘Threat Bulletin’ area: http://www.middlebury.edu/media/view/476056/original/middlebury_ie_zeroday.pdf
If you have specific questions, please feel free to email infosec@middlebury.edu.