FBI issues advisory about Microsoft Explorer 8 vulnerability

Better Business Bureau warns consumers and businesses about vulnerability to scams

Better Business Bureau is urging all consumers and businesses to pay close attention to a Cyber Security Advisory issued by the Federal Bureau of Investigation regarding a vulnerability in Microsoft’s Internet Explorer 8 browser (IE8) that could allow scammers to access and take over users’ computers. The risk for all users – home, business and government – is high, and BBB is urging anyone with IE8 to follow the recommended steps to address the problem.

The problem was first announced yesterday, and last night Microsoft released a temporary fix. Here is the original overview from the FBI:

“A vulnerability has been discovered in Microsoft’s web browser, Internet Explorer, which could allow an attacker to take complete control of an affected system. Exploitation may occur if a user visits or is redirected to a web page which is specifically crafted to take advantage of the vulnerability. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts may result in a denial-of-service condition.”

Microsoft today released a workaround which acts as a temporary fix. It is available at: https://support.microsoft.com/kb/2847140. The company is working on a patch to undo the vulnerability, which does not affect other versions of IE.

“BBB recommends that everyone with Internet Explorer 8 apply the temporary fix immediately,” said Ben Steinberg, Chief Information Officer of the Council of Better Business Bureaus. “If you are not sure which version you have, try running the fix. If you don’t have IE8, the fix will stop running and let you know that your system is not at risk. Microsoft will let you know when the patch is available, and you need to download that as soon as it is.”

To avoid being a victim of computer scams, the BBB provides this advice for online security:

Develop a strong password. A strong password has letters, punctuation, symbols and numbers. A variety of characters makes the password better. Never use personal information such as your name, birthdate, driver’s license, social security number or similar information. Also, avoid sequences or repeated characters.

Avoid Phishing e-mails. Phishing e-mails are a common way for hackers to get at your personal information or break into your computer. Do not respond to requests for financial information. Legitimate businesses do not request personal or financial information by email. Don’t click on any links or open any attachments to e-mails until you have confirmed that they are not malicious. Also beware of unsolicited e-mails from companies with which you have no association.

Install virus detection. To help protect your computer from viruses, make sure you have virus detection software installed on your computer. This software can also help identify if a virus appears on your computer.

Find a computer repair company you can trust. If you are concerned your computer may have been exposed to viruses, contact your service provider directly. Some providers offer free tools that can help detect and remove viruses. If your provider can’t fix the problem, go to checkbbb.org to find a BBB Accredited Business you can trust.

To check the reliability of a company and find trustworthy businesses, visit bbb.org.

This entry was posted in Scams, Technology and tagged , , , , , , , , , , . Bookmark the permalink.

2 Responses to FBI issues advisory about Microsoft Explorer 8 vulnerability

  1. Thank you,
    This information is very useful

    • Miriam Johnson says:

      My first computer crashed.
      My new computer has been hacked in by this microsoft hacker. I am not in the same state as my computer. How do I get it fixed from a distance?

      The “microsoft” hackers have strong accents, They make it sound like they can help get me straightened out and protected. They are determined. They got me to pay $200 for 2 year protection. The most recent call was from (212) 963-8521

Comments are closed.