September 18, 2012
Internet Explorer Vulnerability

Many of you have probably seen the warnings in newspapers and news reports about a new vulnerability in Microsoft's Internet Explorer. There have been some identified attacks targeting this vulnerability, but at the present time these attacks do not appear to be widespread. An attacker who is able to exploit this vulnerability would have the same user rights as the current user. Because Extension computers should be operating with power user rights not administrator rights, an attack, if it happens, will have less impact on the computer.

Microsoft is working on a patch for the vulnerability and will be issuing an update shortly.

Things you can do:

  1. Be sure your computer has the latest updates for Windows, Office, and EndPoint Protection (your anti-virus program).
  2. Don't click on unknown links or visit untrusted websites.
  3. Operate your computer as a power user (when you're logged in with your Net-ID) not as an administrator
  4. Be aware of where you are on the web, what links you click on, suspicious emails, etc.

Some people are recommending switching to a different browser for the moment. We do not think the threat warrants that approach at this time, but will update you as the situation develops.

If you have additional questions, please contact the Computer Support Hotline at 515-294-1725 or via email at eithotline@iastate.edu

Posted by dcoates at September 18, 2012 11:38 AM