Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
Seriously, Please Stop Using Internet Explorer

by Erik Briceno

On our social media feed, we’ve posted about the dangers of using Internet Explorer — the depreciated web browser from Microsoft’s bygone age — more times than an IT service should probably have to. Unfortunately, there are many businesses of all sizes who still utilize it or rely on its architecture, and it’s something we all really need to start moving past. A recent discovery involving the browser is just one of nearly countless examples.

The Latest Internet Explorer Vulnerability

This particular find is a doozy and warranted two unscheduled security updates. The vulnerability notifications labeled CVE-2019-1367 and CVE-2019-1255 included the following official statement from Microsoft:

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user … An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Attackers Are Actively Exploiting Internet Explorer Vulnerabilities

In a nutshell, these vulnerabilities are actively being used to take over entire PCs. An attacker can literally do whatever they want to your device and your stored data once you’ve clicked on an affected webpage. Such flaws are not uncommon, and Microsoft typically patches anywhere from 10-20 browser and scripting engine remote code execution bugs each month with the Patch Tuesday bundle. Because they allow remote code execution with little or no user warning or interaction, Microsoft considers such bugs to be “critical” security risks.

Possible Internet Explorer Workarounds

Seriously, Please Stop Using Internet ExplorerUnfortunately for some organizations, having Internet Explorer is a requirement for certain pieces of software. For many businesses in fact, there’s still software from the 1980s embedded in company operations somewhere. For situations like these, there are possible workarounds. Many versions of Windows Server allow for IE to be run in a restricted mode that can reduce the likelihood of a user downloading malware. Microsoft’s CVE webpage also includes commands that users can enter into either 32-bit or 64-bit systems to protect them, by restricting access to JavaScript. However, Microsoft warns these workarounds may still impact functionality.

The best workaround is to stop using Internet Explorer altogether. Microsoft Edge is its official replacement and has been for years now. It’s safer, more functional, faster, and, if truly need be, IE can actually be run as an Edge tab. In addition, Microsoft will soon be updating Edge with a Chromium-based version.

The bottom line: Internet Explorer is outdated, obsolete and poses far too many security risks for use in this day and age. Do you need help updating your technology? Call us. That’s what we’re here for.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

 

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Seriously, Please Stop Using Internet Explorer
Seriously, Please Stop Using Internet Explorer