Microsoft’s recent out-of-band update to combat the Aurora exploit in Internet Explorer is a testament to the seriousness of this threat for users of IE7 and 8. Until more is known about this threat, there are a few extra steps you can take to ensure that you are protected.
What makes the Aurora vulnerability so dangerous is its ability to be delivered to your computer through links and file attachments such as PDF documents. Normally, an attack is perpetrated through these means by appearing to come from a trusted source.
Although not an uncommon tactic of hackers and others who take malicious advantage of exploits, the fact that this vulnerability targets IE7 and 8 across so many platforms makes taking a few extra precautions prudent.
The Aurora exploit targets IE6 SP1 on Windows 2000 SP4 and IE 6, 7, and 8 on Windows XP, Vista, and 7; Windows Server 2003 and 2008; and Server 2008 R2. Given the breadth of software it can potentially affect, you can see that the Aurora issue is a major problem for both home and business users.
Other than downloading and installing the out-of-band patch to fix the aurora threat, there are two more things you can do to ensure that you are protected until more is known about this vulnerability.
First, consider disabling Acrobat JavaScript in Adobe Acrobat Reader. A common method for delivering the Aurora vulnerability, temporarily disabling JavaScript in Adobe Reader will prevent infected PDF files from exposing you to the threat.
To disable JavaScript in Adobe Reader, click on edit>preferences and in the Window that opens, click on JavaScript in the Categories list on the left hand side. Then, uncheck the box that is labeled Enable Acrobat JavaScript.
The second measure you can take to protect yourself from the Aurora threat is to temporarily disable Active X controls in IE7 and 8, or at least set up these browsers to prompt you before Active X controls execute.
To change the Active X control settings in IE7 and 8, click on Tools>Internet Options and then click on the Security tab. In the Security level for this zone section, click on the Custom level button.
In the Security Settings – Internet Zone window, scroll down to the category labeled Active X Controls and Plug-ins. Here you can choose to disable Active X controls altogether or choose to have IE7 or 8 prompt you before allowing an Active X control to run. Now close Internet Explorer and start it up again for the changes to take effect.
After updating your computer to protect it from the Aurora Internet Explorer threat, you have the option to further protect yourself with the two recommendations discussed above. Although some people may feel that these extra measures are overkill, consider that until more is known about the Aurora threat, it is better to be safe than sorry.
Be The First To Comment
Please Leave Your Comments Below