By Vanessa Nason, news correspondent
Microsoft released a patch on May 1 to fix the security flaw found in the web browser Internet Explorer (IE) days after it was discovered this past weekend.
IE’s latest vulnerability, found by security researchers, was so severe that the U.S. government issued warnings against the browser’s use. Prior to creating the security patch, The Computer Emergency Readiness Team (CERT), part of the U.S. Department of Homeland Security, recommended switching browsers until a solution was found.
The Office of Information Security at Northeastern reiterated this to members of the Northeastern community via an email and postings on their blog and social media outlets.
Mark Nardone, the Director of Northeastern’s Office of Information Security, stated that this precaution was taken because “the risk of infection [laid] mainly in what is known as a ‘drive-by download’ where a user’s computer is infected by browsing an infected [or] malicious website.”
Users can continue using Internet Explorer once they have installed the patch and rebooted their computer.
The security patch is installed through a regular Microsoft update and is supported by all current versions of Windows operating system as well as Windows XP, which is no longer supported. For users who have enabled automatic updates, no extra steps need to be taken to ensure this patch is installed, however, a Microsoft Security Response Center blog post adds that as an extra precaution, “customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11.”
“These patches have been pushed to all Northeastern managed desktops as of last Friday, May 2,” says Nardone. Northeastern took swift measures as soon as notification of the security flaw was received.
According to Nardone, the Office of Information Security “assessed the impact and executed controls to our perimeter firewall defenses, which effectively blocked any malicious traffic to our NuNet and ResNet segments,” and announcements about the bug and the patch were made available to all students, faculty, and staff.
If you think your computer has been compromised or are having difficulty installing the security patch, Nardone recommends going to the ResNet Helpdesk.
Photo courtesy Sean MacEntee, creative commons.