.st0{fill:#FFFFFF;}

Cyber Security

Critical Browser Zero-Day Error

 June 8, 2020

By  Tim Starnes

Most tech-savvy computer users regard Internet Explorer as a joke, reserved for memes about grandparents using dial-up service asking how to download more RAM, but the statistic is shocking:

  • Internet Explorer: Third place in market share at 7.42% – that is only a 1.58% difference between second place, which is Firefox at 9.00%.

Why are These Outdated Browsers Still Being Used?

The answer is simple – most business owners and even casual computer users are resistant to change, beyond automatic updates. This resistance to change can come at a high price, though.

Why is Continuing to Use Internet Explorer Dangerous?

The U.S. Department of Homeland Security has flagged Internet Explorer as having a critical security flaw opening users to remote access attacks. This goes back to Internet Explorer 9, which released on March 14, 2011.

CVE-2020-0674

Essentially, an attacker, using a remote code execution through a vulnerable point in the scripting engine of Internet Explorer and gains the same rights and permissions of the current user account – which means big trouble, if the user account is assigned as an administrator. The attacker would then be able to make an array of changes, delete files, change security settings, and more.

What is a Remote Access Attack? Remote access attacks are generally undertaken to view or steal data via internet or network connections – imagine it as your car being taken over on your drive into work – the force accessing the steering wheel and gas pedals can choose where your car goes and how fast. Scary, right?

Is There a Fix?

Carnegie Mellon University has released information on a command prompt workaround to prevent issues – Microsoft has yet to release an official patch.

The best current recommendation is to simply avoid using Internet Explorer until an official patch is made by Microsoft. Microsoft recommends limiting access to JScript.dll but acknowledges that this could lead to decreased performance.

Subscribe to our newsletter now!