FW: Alert: Stop Using Internet Explorer: Malware Found

The Friday Funny Email comes from ASU today.

Funny thing about sending out IE warning email with links..

If they use IE where is that link is going to take them? #FAIL

On a side note, if you are using internet explorer you might have some problems…

_____________________________________________

Sent: Friday, September 21, 2012 9:52 AM
Subject: Alert: Stop Using Internet Explorer: Malware Found

Attention Students:

You are receiving this message from the ASU Information Security Office – PLEASE READ IF YOU USE Internet Explorer

A previously unknown computer security problem is affecting all versions of Microsoft Internet Explorer (IE). Through this newly discovered security flaw, an unauthorized person can gain access to your computer and install malicious programs without your knowledge that permit that unauthorized person to use your computer for illegal purposes, including potentially gaining access to information on your computer. Recently, this has taken a turn for the worse and the number of locations hosting this malware was raised tremendously.

Please refrain from using Internet Explorer (IE) unless absolutely necessary until it is patched. Microsoft has announced plans to release a comprehensive patch today, Friday, Sept 21st (See References).

In the interim please do the following:

• Until further notice (until this threat passes), the Information Security Office recommends the use of alternative browsers such as Firefox, Chrome, Opera, or Safari.
• If you must use IE, please only use known links.
• Review and apply Microsoft’s released workarounds and patches as appropriate. (See References)

The Information Security Office will provide updates on this situation at getprotected.asu.edu. As always, take caution when using the Internet, especially in these kinds of situations. To report an event or incident, contact the ASU Help Desk at 1-855-278-5080.

For events that do not require an immediate response, email infosec (at) asu.edu or visit getprotected.asu.edu.

REFERENCES:

Microsoft Technical Documents:

http://blogs.technet.com/b/msrc/archive/2012/09/19/internet-explorer-fix-it-available-now-security-update-scheduled-for-friday.aspx

http://technet.microsoft.com/en-us/security/bulletin/ms12-sep

http://blogs.technet.com/b/srd/archive/2012/09/19/more-information-on-security-advisory-2757760-s-fix-it.aspx

Patch Link: http://support.microsoft.com/kb/2757760

SecurityFocus: http://www.securityfocus.com/bid/55562

ZDNet: http://www.zdnet.com/java-zero-day-leads-to-internet-explorer-zero-day-7000004330/

AlienVault: http://labs.alienvault.com/labs/index.php/2012/new-internet-explorer-zero-day-being-exploited-in-the-wild/

_____________________________________________________

Thanks for the laugh. Perhaps here is a better email option:

Some of you may or may not be aware, of the recent Internet Explorer security flaw, which researchers say could allow hackers to take remote control of an infected PC.

Use this link to download and install the Enhanced Mitigation Experience Toolkit v3.0
http://www.microsoft.com/en-us/download/details.aspx?id=29851

This free security tool, is designed to help prevent hackers from gaining access to your system. Feel free to forward this email to any Bulwark employees that are not on this email list.

Of course if you are already on this website in internet explorer than that link may not help you.

And if you need a Tempe Exterminator…

Related articles

• IE 7,8,9 0day in the wild – Microsoft Security Advisory (2757760)
• Additional information about Internet Explorer and Security Advisory 2757760