Help Secure IE from Operation Clandestine Fox Exploit (Updated)

Microsoft confirmed a new zero-day vulnerability that affects every version of Internet Explorer. That means every version — from IE 6 on XP to the latest Internet Explorer 11 on Windows 8.1 update 1. It’s estimated that over half of the world’s browsers could be affected by this. So much so that Homeland Security in the U.S. is advising Americans to not use IE until a patch becomes available.

It makes no difference which version of Windows your using as the exploit is within the IE code itself in conjunction with an Adobe Flash exploit. According to the computer security firm FireEye hackers exploiting the bug are calling it “Operation Clandestine Fox.”

According to the Microsoft Security Advisory 2963983 the vulnerability in IE could allow remote code execution:

The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

To put it simply, you don’t need to do anything odd to get your computer infected by the malware. It can be snuck on your system just by viewing an infected page in Internet Explorer. Microsoft has said it’s working on a patch, which might come before the usual Patch Tuesday when multiple patches are released at once. This is the first major vulnerability that won’t be fixed for XP users since support for XP ended on April 8th.

Help Secure Internet Explorer Against Vulnerability

If you’re a user of Internet Explorer whether you want to be or not, there’s a few things you can do to protect yourself against the exploit.

the easiest method is to just disable Flash in IE. Open IE and go to Tools > manage Add-ons. Right-click Shockwave Flash Object and select Disable.

Open IE and go to Tools > Internet Options > Security then click the Custom level button.

Then scroll down to Active Scripting and set it to Prompt or Disable – which is probably the best solution.

Setting it to prompt will make IE bring up a message before running Active scripts like Flash.  However, this can be quite annoying as you’ll be clicking a lot of message boxes.

Final Thoughts

The obvious and most effective way to protect yourself from the exploit is to not use Internet Explorer. Use Firefox or Google Chrome instead, at least until a patch from Microsoft is released.

Unfortunately using a different browser on Windows RT isn’t possible, so definitely disable the Flash Add-on. On RT go to the Desktop and follow the same directions shown above – that will disable Flash for the desktop and Modern version of IE too.

Stop using XP. While you can use different browsers on the outdated Windows XP, and avoid this exploit, there’s no more patches coming – not for this exploit or any future exploits. Internet Explorer is needled deep in to the Windows operating system, and this is just a sign of what’s to come if you decide to stay on XP.

If you’re still on XP and want to kick the habit, check out these alternatives. Also make sure to check out the following articles we’ve done to help you make the transition:

• How to Transfer Your Bookmarks from XP to Chromebook
• Moving on From XP? Collect Your Software Product Keys First
• Microsoft is Giving Away PCmover Express to XP Users
• Ask the Readers: Are You Sad to See XP End?

Update:

Microsoft has issued a patch for the vulnerability for IE in Windows 8, Windows 8.1, Windows RT 8.1, and Server 2012