Microsoft has released a security update to address a major security flaw in Internet Explorer.
Security Update for Internet Explorer for Windows XP (KB960714)
Download the version for your machine, here.
This one's serious. Share the info with your friends.
I have Automatic Updates enabled on my mom's / gf's / grandma's system. Will it patch itself, or do I need to go do it by hand? Automatic Updates will get it handled. The patch is about 4MB, so it may take a little while if they're on dial-up.
mechBgon adds: there are also new extremely-important security updates for Opera and FireFox on all platforms, so here's links to those as well. It's a browser-patching conjunction of the planets!
Possible side effects of DEP in IE7? Some browser add-ons might crash. Older versions of Sun Java Runtime did, for example. This is undoubtedly why DEP's not enabled by default.
What else? If you use Vista, then leaving User Account Control (UAC) enabled allows IE to operate in Protected Mode, which basically mitigates the vulnerability that this sticky is discussing.
Security Update for Internet Explorer for Windows XP (KB960714)
Download the version for your machine, here.
This one's serious. Share the info with your friends.
I have Automatic Updates enabled on my mom's / gf's / grandma's system. Will it patch itself, or do I need to go do it by hand? Automatic Updates will get it handled. The patch is about 4MB, so it may take a little while if they're on dial-up.
mechBgon adds: there are also new extremely-important security updates for Opera and FireFox on all platforms, so here's links to those as well. It's a browser-patching conjunction of the planets!
- Opera has been updated to 9.63 (download links for Linux, Mac and Windows) to fix "extremely severe" security vulnerabilities.
- FireFox has just been updated to 3.0.5 (download links for Linux, Mac and Windows), or 2.0.0.19 for FF2 users (download links). If you use FireFox 2, it's time to move on to FireFox 3, because there will be no further security updates for FF2 and your anti-phishing capabilites will cease.
- Secunia has a free checkup utility for home users of Windows. It'll find vulnerable software you have installed, and link you to patches that fix the problems. They've got both an installable version, and a browser-based one: http://secunia.com/vulnerability_scanning/
The bad guys routinely use those vulnerabilities to infect computers, even if your browser itself is patched, so take advantage of this simple way of eliminating publicly-known vulnerabilities in stuff like Adobe Reader, Flash Player, QuickTime, WinAmp, and many other types of software. Secunia's stats show that less than 2% of systems are fully patched. How about yours?
- Right-click on an Internet Explorer icon, and choose Run as Administrator from the right-click menu (you'll only have to do this once).
- In Internet Explorer, click Tools > Internet Options, and then click the Advanced tab.
- Scroll down and put a checkmark in Enable memory protection to help mitigate online attacks (pic :camera:). This checkbox can only be changed if you use Run as Administrator. Don't ask, I don't know why either
- Close Internet Explorer. DEP is now activated for the 32-bit version of IE. If you have 64-bit Vista, you don't need to do this for 64-bit IE7, because DEP is mandatory on all 64-bit processes in Vista x64.
Possible side effects of DEP in IE7? Some browser add-ons might crash. Older versions of Sun Java Runtime did, for example. This is undoubtedly why DEP's not enabled by default.
What else? If you use Vista, then leaving User Account Control (UAC) enabled allows IE to operate in Protected Mode, which basically mitigates the vulnerability that this sticky is discussing.
Facebook
Twitter