Som du allerede ved, Microsoft for nylig sluttede støtte til ældre versioner af IE (Internet Explorer). I øjeblikket, kun IE9 til Windows Vista og Windows Server 2008, IE10 og IE11 regelmæssigt lappet. Hvis du bruger en ældre version af IE, your system may be prone to a range of malicious attacks.
Have sagt, at, denne Patch tirsdag KB3134220 was released. The update addresses critical security vulnerabilities in IE9 and later versions. Men, if you’re not on any of the latest IE versions, you’re in danger.
Why you should update to IE9 or a laterversion
What the most likely case with the vulnerabilities patched in Feb 2016 Patch Tuesday is that most of them were IE-related. Derfor, more than two-thirds of the flaws patched by Microsoft presumably existed on ‘resigned’ IE versions.
Keep in Mind
There’s a huge risk coming from unpatched vulnerabilities that are known to cyber criminals. Did you know that cyber criminals examine the code before and after an update, and easily figure out what was altered. Derefter, this information may be used to further analyses and, på et tidspunkt, the patch can even be reverse-engineered.
This is how bugs are located by malicious actors. Once the bug is discovered, an exploit is crafted.
Resultatet? Software that is not patched in successfully attacked. That is why not only the update is important but also its immediate application. Jo længere du venter, the more time cyber criminals have to craft an exploit.
This is how researchers at Computer World explain an attack scenario involving IE flaws:
I dette tilfælde, the vulnerability found in, sige, IE9 on Vista — which was patched this week — may give them insight into the location of the bug in the older IE8. Derfra, they can create an exploit for the unpatched browser.
Why would cyber criminals spend so much time on reverse-engineering IE patches? It’s obvious – there are too many IE users out there that continue to run old and unsafe versions of the browser. Desuden, data analyst Net Applications say that about a third of users running IE just last month used an older, unpatched version of the browser, which hasn’t received security updates.
Are you one of those users?