State-sponsored attacks using IE to hijack GMail

'State-sponsored attackers' using IE zero-day to hijack GMail accounts | ZDNet: "In the absence of a patch, the company has shipped a “Fix-It” tool that blocks the attack vector for this vulnerability. See Microsoft Knowledge Base Article 2719615 for instructions on applying the automated tool. Microsoft also recommends that Windows users deploy the Enhanced Mitigation Experience Toolkit (EMET), which helps prevent vulnerabilities in software from successfully being exploited. Internet Explorer users can also configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and Local intranet security zone. These mitigations can be found in the “Suggested Actions” of Microsoft’s pre-patch advisory. Internet Explorer users should keep in mind that this vulnerability is different from another under-attack issue fixed yesterday with the MS12-037 bulletin."

Bottom Line: Stop using Internet Explorer (IE) as your internet browser. Install and use Chrome.

Tweet    Follow @johnmpoole