Microsoft_Edge_logo-1000x562

Browsing the web with Internet Explorer can be a risk, so it’s no surprise that it lags behind. Microsoft is hoping to catch up with its new browser Edge.

Many years ago Internet Explorer was the go to choice for web browsing, but in the last 10 years more innovative browsers such as Chrome and Firefox have come to the fore. Not only are they less clunky, they also improve the user experience.

Naturally, Internet Explorer has fallen to the wayside and feels like a relic from a bygone era of dial-up modems where a single MP3 took an age to download.

Microsoft, it seems, has finally had enough of trailing behind in a niche which they previously dominated, so they’ve announced Edge for the upcoming Windows 10 release.

What is Microsoft Edge?

First and foremost, let’s get one thing straight: Edge is not an evolution of Internet Explorer. It won’t simply be Internet Explorer 12 with a fancy name. Instead, Microsoft is planning for Edge to be a complete revolution of their browsing capabilities.

One of the biggest complaints about Internet Explorer has been its rigid, antiquated design in an age of streamlined simplicity where speed is the key. Edge will be powered a by a new rendering engine which promises to deliver a more user friendly design which will slot seamlessly into mobile as well as desktop devices.

With Chrome being the most popular desktop browser, it’s no surprise to learn that early previews of Edge have revealed it to have a similar, lightweight aesthetic. The accessibility of Chrome will also be apparent in the new features offered by Edge.

Voice activated software has come a long way in the last few years – thanks to Apple’s revolutionary Siri. Microsoft is keen to integrate a similar feature into Edge. That’s why Microsoft’s voice assistant ‘Cortana’ will be available to perform searches and check emails for you.

Touch screen technology is also an area that Microsoft is investing heavily in with Edge and this raises the opportunity for users to annotate/share pages via a stylus which, again, is an amazing increase in accessibility over Internet Explorer.

Edge is also heavily rumoured to be lined up as a downloadable app rather than the built-in default of Windows devices that Internet Explorer is. Not only will this widen the audience available for Edge, it also enhances the ease with which updates can be distributed via the Windows Store.

Will Edge Succeed?

microsoft-edge

Microsoft certainly has an uphill struggle on their hands to compete with the current market leaders in the battle of the browsers. Due to the popularity of mobile devices in the current digital landscape, users feel more in tune with Chrome, Firefox and Safari.

And developers, too, have been concentrating their efforts on the more popular browsers at the expense of compatibility with Internet Explorer.

With Edge, though, Microsoft appears to finally be getting on track with the trends of this new era of accessible and intuitive browsers. It remains to be seen exactly how much of a dent Edge can make into the market, but by canning Internet Explorer they’ve made a great start!

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Zero-day Internet Explorer Exploit CVE-2014-8967

If you use Internet Explorer as your web browser, pay close attention to a recent Zero-Day vulnerability CVE-2014-8967 found allowing remote code execution.

Out of the various web browsers available to download, Internet Explorer is often the most vulnerable for attacks since it happens to be the one that is widely used globally.

We will summarize here what you need to know about CVE-2014-8967.

What is a Zero-Day vulnerability?

Microsoft and anti-virus companies regularly release updates and new virus definitions to address these exploits.  Zero-day means the exploit or bug is so new that no company has had a chance to patch it yet.

Specifically for zero-day vulnerability CVE-2014-8967, Internet Explorer has been exploited by hackers who have piggybacked on its publicly accessible framework to execute arbitrary code.

  • Technically speaking, the Internet Explorer vulnerability is all about the way in which it references “counting”, to allocate given in-memory objects.
  • These in-memory objects represent elements pertaining to HTML, otherwise known as CElement Objects.
  • An additional CSS style is applied, which illustrates the style it displays.
  • This change creates a loophole in the browser where the object’s reference can be allowed to drop down to zero before it normally should.
  • This in turns causes the object to become available to accept other commands to run.
  • This is where an opportunist can exploit the vulnerability to run code within the given framework.
  • The danger lies in the privileges the attacker can have on your system.
  • For instance, if you have administrator rights, the hacker can also acquire this same right, that’s if they manage to successful carry out the browser vulnerability hack.
  • It’s not much of a high risk if your account has basic user rights. Regardless of the level of user permissions you have, such an attack is undesirable.

Examples

An example of such an attack can originate via a dodgy website such as a hosted site managed by the attacker, is configured to apply the Internet Explorer vulnerability.

 

Examples of malicious banners and messages.

Examples of malicious banners and messages.

All that is needed is some sort of user action, such as a prompt, to trick the user into visiting the malicious site.

Another way hackers can use this vulnerability is by targeting other compromised websites to do the same thing.

Regardless of the malicious intent, you’re always in control and should practice safe browsing by avoiding suspicious or unfamiliar websites.

It can all begin by accidentally by opening an infected file or unknowingly visiting  a malicious web page, which executes the browser vulnerability.

This is why we stress the importance of not opening unknown recipient messages that contain attachments or links within emails and other places such as web banners or message boxes. The best thing to do is close down the page or delete those suspicious emails and notify your IT administrator.

Prevention and protection

The good thing about all the Microsoft mail clients, such as Microsoft Outlook Express, Microsoft Outlook and Windows Mail, is that they all disabled Active X and scripts by default. This stops malicious code from launching itself automatically and creating a problem, as discussed previously. However, you still need to be careful not to open unknown files or links.

How to protect yourself from Zero Day Internet browser vulnerability:

 

 

  • Update your Operating System. Do this with Windows Updates and be sure to apply any critical patches.
  • Do not Open attachments. It can all begin by accidentally opening an infected file or a malicious web page to execute the browser vulnerability. This is why we stress the importance of not opening unknown recipient messages that contain attachments or links such as web banners.
  • Use a different browser. Using a different browser can prevent the typical browser exploits found on Internet Explorer. For example Chrome, which is one of our preferred web browsers to use.
  • A little configuration can go a long way. Within Internet Explorer settings, you can set the option to prompt before allowing “Active scripting” to run, or alternatively, disable “Active scripting” within “Internet and Local intranet security zone settings”.
  • Use EMET. This is more for system administrators; however EMET (an Enhanced Mitigation Experience Tool Kit) can prove invaluable. This will be necessary I’d you’re working in a company that is unwilling to move away from Internet Explorer. EMET is a great workaround to help you to avoid this vulnerability.

For more ways to pro-actively protect your business and data from malicious vulnerabilities, contact your local IT professionals.

Read More


Onsite_PC_Solution_IE_Exploit

A zero day exploit affecting Internet Explorer 6 through 11 has been discovered which allows an attacker to execute code and install malicious software.  Security firm Fire Eye has recently released the details of how this attack works.

Internet Explorer accounts for about 25% of the worlds browsers used to surf the internet. We will cover a high level summary and how you can protect yourself and your business.

How does it work?

The exploit works by loading a corrupted Adobe Flash SWF file in a webpage, which allows the attacker to modify data in memory, effectively bypassing Internet Explorer’s security and allowing any malicious software to be downloaded and installed.  This can include viruses, malware, keyloggers, bitcoin mining software, fake anti-virus programs among other destructive software.

Rapid 7 shows an attack on a Windows 7 system using this exploit.

Rapid 7 shows an attack on a Windows 7 system using this exploit.

The exploit can be used on any version of Windows that runs IE 6, 7, 8, 9, 10 or 11, which means this is the first time that running a newer version of Windows does not protect you from an exploit.

What can I do to protect myself?

Microsoft has already started rolling out an update to patch the security bug, so be sure to keep your operating system up to date.  It is also recommended that you install Microsofts EMET 3.0, which brings better security protection especially for older Windows operating systems.

As always, we recommend running more secure and light weight web browsers such as Chrome or Firefox and avoiding Internet Explorer unless absolutely necessary.

All Onsite PC Solution clients with monthly maintenance plans will automatically be patched during their next monthly maintenance cycle.

For more ways to protect your business and home computers, contact your local IT professionals.

Read More


Typical Chrome New Tab page

Typical Chrome New Tab page

If your browser cannot leave a new tab page such as the Chrome one shown above and cannot navigate to another web page, here are a few possible remedies.

First, check if the keyboard or mouse is the issue.

Check if the backspace or other key is stuck. If that is the case, try to raise the key. Failing that, unplug the mouse and keyboard and see if the problem persists. Perhaps a key or short cut is being repeatedly triggered without the user’s knowledge. This can be confirmed by using a different keyboard or mouse.

Second, if it’s an issue with the browser

Other than Internet Explorer, you should save bookmarks into an html file then uninstall the browser thoroughly with an uninstaller tool such as Revo or from the Windows Control Panel. Reinstall the browser and see if the browser still freezes on the new tab page.

Internet Explorer is integrated with the Windows installation and cannot be simply uninstalled. For IE, after backing up desired new settings, configurations, and files, perform a system restore. Restore Windows to the last remembered time that the browser did not experience the new tab persistence problem.

For more tips or advice on troubleshooting common software issues, contact your local IT professionals.

Read More


w3-counter-browser-share

Browser share according to W3Counter

The debate about which internet browser is the best has essentially ended.  Personal preferences aside, the consensus among most casual users as well as developers is that Chrome, the Google-backed browser, is number one (for the time being).

Why should you pick Chrome over all other browsers?  First and foremost, let’s consider the fact that the browser is constantly being revamped and tweaked by a huge community of developers worldwide.  Google gave developers the source code for Chrome back in 2008.  Since then, the open source Chomium project has thrived, leading to a robust and constantly updated browser.

A Think Tank is Better Than One Einstein

ad-block

AdBlock can be easily integrated into Chrome

What it comes down to is this, Google is allowing outside developers to tinker with Chrome.  Among some of the crucial benefits resulting from the open collaboration of many brilliant minds are these:

  • Exceptional security measures as developers are constantly debugging and patching up vulnerabilities
  • Add-ons built around the Chrome browser allows for a highly customizable surfing experience.  For instance, the adblock plugin lets surfers select which site is allowed to have ads or popups.
  • Convenience.  Users can sync their browsing history, usernames, passwords, and etc. across multiple platforms.  By simply logging into one’s Google account, he/she can have access to all his past browsing history, and save his present browsing experience for future syncing on other platforms.

It Can Always Be Better

Google, with its involvement in adding parts to the Internet of Things (IoT), has greatly improved the browsing experience for most average internet surfers.  Much of the work done in the development of Chrome (past, present, and future) ultimately serves as medium for Google to grow and profit.  However, Google is taking input from outside developers, and thus it has given the search giant an edge in the browser war over its competitors like Microsoft’s Internet Explorer and Mozilla’s Firefox.

Although Chrome is an exceptional browser for almost everyone and every purpose, a tool for surfing the internet is only a piece of the personal computing experience.  Chrome users will still need to consider what other tools will complement the browser, so that surfing the Internet becomes as secure as possible.

For more ideas and tips on staying safe and secure online, contact your office IT professionals.

Read More