Security Alert: Restrict Microsoft Internet Explorer Usage (Windows) - Unpatched Vulnerability - Attacks Underway
Who: Windows users who run Internet Explorer
What: Attacks are underway using an unpatched XML vulnerability in Internet Explorer on Windows
When: December 12, 2008
How:
An attacker may be able to take complete control of your computer when you visit a maliciously crafted web page with Internet Explorer on Windows. You may encounter these maliciously crafted web pages when visiting:
- legitimate websites that have been compromised
- unfamiliar sites found through legitimate search engines such as Google or Yahoo
- links received through e-mail and instant messaging
If you suspect your computer has already been compromised, STOP! Take the following steps:
- Disconnect from the network - turn off wireless or unplug the wired network cable.
- Discontinue use of the machine but DO NOT power off.
- Contact the Information Security Office at (412) 268-2044 or iso@andrew.cmu.edu or your departmental computing administrator/DSP consultant for further instructions.
These steps are excerpted from Responding to a Compromised Computer.
If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.
What You Need To Do:
NOTE: You must log in with an administrative account/password to complete steps marked with ***.
- Restrict use of Internet Explorer until patches are available and applied
Unless you are accessing a trusted web site or application for work that requires Internet Explorer specifically, please stop using Internet Explorer until Microsoft releases a patch and you are certain that patch has been applied to your computer.
- Use an alternate web browser such as Mozilla Firefox or Apple Safari
Use an alternate web browser whenever possible. Compromised legitimate sites and unfamiliar sites found through search engines, email, and instant messaging are often used to deliver maliciously crafted attack pages.
Mozilla Firefox free installer download***
Apple Safari free installer download***
- Consider applying Microsoft's more technical workarounds if you are comfortable doing so***
See Suggested Actions from Microsoft Security Advisory 961051.
- Secure Your Computer***
As always, following guidelines for secure computing generally reduces your risk of impact from this and other vulnerabilities.
Windows Vista instructions
Windows XP instructions
More Technical Information:
Contact:
Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu or to your departmental administrator/DSP consultant.