coe-staff: Fwd: uosecurity: Security Advisory: Zero-day Vulnerability with Internet Explorer

Terry Kneen tkneen at uoregon.edu
Fri Sep 21 07:53:29 PDT 2012 

There is a security issue if you are using Microsoft Internet Explorer (IE). The recommendation is that you NOT use IE until Microsoft releases a patch (today) and you have installed it. Please use some other browser such as Firefox or Chrome.

We have had at least 3 PC's infected this week, I would also recommend that you make sure that your McAfee is up-to-date.

Terry



Begin forwarded message:

From: "Jon K. Miyake" <miyake at uoregon.edu<mailto:miyake at uoregon.edu>>
Date: September 20, 2012 4:09:04 PM PDT
To: Departmental Computing List <deptcomp at lists.uoregon.edu<mailto:deptcomp at lists.uoregon.edu>>, <uosecurity at lists.uoregon.edu<mailto:uosecurity at lists.uoregon.edu>>, UO Security Group <security at uoregon.edu<mailto:security at uoregon.edu>>
Subject: Re: uosecurity: Security Advisory: Zero-day Vulnerability with Internet Explorer


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday, September 21st, Microsoft will be releasing an out-of-band
patch to address the zero-day vulnerability with Internet Explorer
(IE).  For those units who have centrally managed desktops, while not
by-passing your standard early-bird testing, please consider an
accelerated deployment.  For units with an un-managed desktop
environment, please advise your end-users that this is a critical update
that should be applied at their earliest convenience.

Until the patch has been applied to their desktop system or the
vulnerability mitigated in some other fashion, please continue to ask
your end-users to use an alternate web browser, such as Chrome or Firefox.

- --
Sincerely,
Jon K. Miyake

Information Services    Sr. IT Policy and Security Administrator
University of Oregon    voice #:       (541) 346-1635
                                      (541) 346-5837
                             Computing Center Rm 225

On 9/18/12 5:44 PM, Jon K. Miyake wrote:

A vulnerability was recently identified, with Microsoft Internet
Explorer (IE), that could allow the execution of arbitrary code on a
vulnerable system. The issue is reported to affect most version of IE
running on Microsoft Windows. At this time Microsoft does not have a
patch for the vulnerability. Use of the vulnerability has been reported
in the wild and exploit code was recently made publicly available.

IT staff will want to notify their end-users of this issue. In most
instances the recommendation is to use an alternate web browser, such as
Firefox or Chrome. Microsoft has published general mitigation
recommendations for the vulnerability. It is important to note that the
Microsoft EMET recommendation, by itself, may not be sufficient to
prevent successful exploitation of the vulnerability. See the "Kreb's
on Security" article (link available below) for more details.

Mitigation Recommendations from Microsoft:

- Deploy the Enhanced Mitigation Experience Toolkit (EMET) - This
will help prevent exploitation by providing mitigations to help
protect against this issue and should not affect usability of Web
sites.

- Set Internet and local intranet security zone settings to "High" to
block ActiveX Controls and Active Scripting in these zones - This
will help prevent exploitation but may affect usability; therefore,
trusted sites should be added to the Internet Explorer Trusted Sites
zone to minimize disruption.

- Configure Internet Explorer to prompt before running Active
Scripting or to disable Active Scripting in the Internet and local
intranet security zones - This will help prevent exploitation but can
affect usability, so trusted sites should be added to the Internet
Explorer Trusted Sites zone to minimize disruption.

Microsoft Advisory and Mitigation Toolkit

http://technet.microsoft.com/en-us/security/advisory/2757760
http://www.microsoft.com/en-us/download/details.aspx?id=29851

Kreb's Article on Enhanced Mitigation Experience Toolkit (EMET)



http://krebsonsecurity.com/2012/09/internet-explorer-users-please-read-this/

Additional Details about IE Vulnerability

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4969


http://labs.alienvault.com/labs/index.php/2012/new-internet-explorer-zero-day-being-exploited-in-the-wild/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQCVAwUBUFuiEMV+r+BcytBFAQLbLgP/RkN/KM6UfdQw0LkKoMWTRz1xm8L72JX5
iUGC21mykjyFfu9VZPooJHkR3qO15lP1btZv4AaHL0JUPK7GNyQXA4ZPql9BYsxS
6zL3k3ueVrvmaWrrh1gxyp7JCan9X6TXZivAnUFMvtJXSR1D6bfFG7ZqB5KIBrio
DG1n/Fl5mRM=
=AC4N
-----END PGP SIGNATURE-----

_______________________________________________
uosecurity mailing list
uosecurity at lists.uoregon.edu
https://lists-prod.uoregon.edu/mailman/listinfo/uosecurity

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists-prod.uoregon.edu/mailman/private/coe-staff/attachments/20120921/d8882043/attachment.html>

More information about the coe-staff mailing list