Skip to Content
Apr. 30, 2014, 1:56 PM
VUIT has issued a recommendation to avoid using the Internet Explorer Web browser for now due to some recently identified vulnerabilities that could allow hackers to install malicious software on a user’s machine. The vulnerabilities have been reported widely in the news.
To the extent possible, users should consider using another Internet browser until Microsoft implements changes to address the problem. It is acceptable to continue running Vanderbilt applications that can only operate with Internet Explorer. But users are advised not to browse to sites outside Vanderbilt using Internet Explorer.
Microsoft has indicated the vulnerabilities exist in Windows servers 2003, 2008, 2012, XP, Vista, 7, 8 and 8.1.
For these attacks to work, a user would have to visit a malicious website attempting to install the code. Microsoft reports that attacks could also come from “websites that accept or host user-provided content or advertisements” where an attacker could insert malicious code.
Recommended strategies for mitigating potential problems include:
If you suspect your computer has been infected, immediately power down and contact your local support provider or the Help Desk.
According to VUIT, the vulnerability is a remote code execution that has the potential to give hackers the same user rights as the current user. That means a successful attacker who infects a PC running as administrator would have a wide variety of attack options open to them, such as installing more malware on the system, creating new user accounts, and changing or deleting data stored on the target PC. Most Windows users run their PCs under an administrator account.
After completing its investigation of the malicious software, Microsoft is expected to take appropriate action to protect customers, which may include providing a solution through a monthly security update release process or an out-of-cycle security update, according to VUIT. Meanwhile, VUIT Information Security Operations is actively working to block infection channels and enhance detection capabilities.
For additional information:
Contact: IT Help Desk (615) 343-9999
There are lots of ways to keep up with Vanderbilt. Choose your preferred method: