All current versions of the Internet Explorer browser (versions 6-11) have a built-in security vulnerability being actively exploited by hackers. Industry leaders, including the U.S. Computer Emergency Response Team have recommended to stop utilizing Internet Explorer until the vulnerability has been patched. The use of alternative Web browsers like Firefox and Chrome are recommended.
The vulnerability, CVE-2014-1776, allows data thieves to have unfettered access to data stored on the computer. Furthermore, the vulnerability has been confirmed to crash Internet Explorer on Windows XP. This is the first vulnerability that will not be patched for Windows XP users as Microsoft ended support for Windows XP on April 8.
At this time, there have been no reports of the vulnerability being exploited on UNL systems but all users should take care and follow these suggestions:
Make sure all computer software is up to date and is utilizing the latest patches or service packs. This includes Windows and Mac OS, Adobe products, Java, and anti-virus signature files such as used in Symantec.
Do not open URL links or attachments from email that you were not expecting.
Run an anti-virus scan on your computer (this includes Mac OS computers).
Consider utilizing a malware scanner on your computer such as Malware Bytes or HitMan Pro and scanning for malware on your Windows based computer.
Backup data stored on computer hard drives.
Use Firefox, Safari or Google Chrome when possible.
Until a software update has been developed, Microsoft is recommending the use of Enhanced Mitigation Experience Toolkit (EMET) 4.1. Enabling Enhanced Protected Mode in IE 10 and 11 is also recommended.
To replace the Explorer Web browser, download Google Chrome or Mozilla Firefox.
For instructions on the Enhanced Migitation Experience Toolkit, click here.
For more information, contact computer support staff or the UNL Computer Help Center at mysupport@unl.edu, 402-472-3970 or 866-472-3970.