In mid-January 2020, Microsoft issued advisory ADV200001 warning of a vulnerability in the scripting engine of Internet Explorer.\u00a0 Yes, I know, that\u2019s gibberish to most of you.\u00a0 It means that there could have been an attempt to execute code in attack mode via that browser.\u00a0\u00a0 How?\u00a0 You could have received an email with a link that explicitly opened Internet Explorer (even if it wasn\u2019t your default browser) and been sent to a malicious web site specifically designed by bad guys.\u00a0\u00a0 If exploited successfully, the attacker could have gained access rights to your computer.\u00a0 As Microsoft put it at the time: \u201cAn attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\u201d<\/p>\n\n\n\n
That\u2019s very bad (I\u2019d segue into the Ghostbusters<\/em>\n\u201cdon\u2019t cross the streams\u201d theme about the definition of the word \u201cbad,\u201d but I\u2019m\nsure you get the idea).<\/p>\n\n\n\n At the time, Microsoft did not have an immediate fix.\u00a0 As of February\u2019s \u201cpatch Tuesday,\u201d they announced one with the heading \u201cSecurity Advisory CVE-2020-0674.\u201d\u00a0 Microsoft will be patching desktop operating systems from Windows 7 clear through the latest version of Windows 10, plus a slew of server operating systems.<\/p>\n\n\n\n The Network Operations Center will be testing this set of\nupdates for the next seven days. If the patches pass those tests, then\nthe updates will be available for all of you by the end of next week. In\nthe interim, I have only one thing to say: DO NOT USE INTERNET\nEXPLORER,<\/strong> USE ANOTHER BROWSER! There are several to choose from, for\nexample, Mozilla Firefox, Google Chrome, Opera (which I didn\u2019t recall as being\naround, but it still exists) or Brave (which I\u2019m sure you\u2019ve never heard of),\nheck there are probably some of you who use Edge in Windows 10 (heaven help\nyou). If you\u2019re not sure what browser is your default, write to me and\nI\u2019ll let you know.<\/p>\n\n\n\n But let\u2019s get down to the meat of this:\u00a0 If Microsoft announced the problem on January 17 and only released the solution on February 11, the bad guys had a considerable amount of time to take advantage of the vulnerability, and yet the world didn\u2019t come to a screeching halt.\u00a0 But I don\u2019t \u2013 for one minute \u2013 want to suggest that you not<\/em> patch a known vulnerability.\u00a0 What I recommend, instead, is a moderate amount of common sense.\u00a0 And the best way to implement that would be to stop using the problem-plagued browser, even after your computer receives the patches.<\/p>\n\n\n\n Bottom line: this exploit is explicitly for IE\n\u2013 so to avoid any<\/em><\/strong> possible unpleasantness, don\u2019t use it. \nSimple really.<\/p>\n\n\n\n Thanks and safe computing!<\/p>\n","protected":false},"excerpt":{"rendered":" In mid-January 2020, Microsoft issued advisory ADV200001 warning of a vulnerability in the scripting engine of Internet Explorer.\u00a0 Yes, I know, that\u2019s gibberish to most of you.\u00a0 It means that there could have been an attempt to execute code in attack mode via that browser.\u00a0\u00a0 How?\u00a0 You could have received an email with a link …<\/span> Read More →<\/span><\/a><\/span><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7,46,48,40,37],"tags":[],"class_list":["post-361","post","type-post","status-publish","format-standard","hentry","category-everyone","category-microsoft","category-patch-tuesday","category-security","category-windows-update"],"_links":{"self":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=361"}],"version-history":[{"count":1,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/361\/revisions"}],"predecessor-version":[{"id":362,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/361\/revisions\/362"}],"wp:attachment":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}