What you (or your IT department) should do right now to secure Windows XP

For your home or work computers…

We have all heard dire warnings (mostly from Microsoft and computer sales people) regarding how dangerous and irresponsible you are if you dare to keep your Windows XP machines running for another day without upgrading or replacing them immediately, and even though these warnings are usually accompanied by an offer to sell you upgrade licenses or new machines we still tend to take them very seriously.  Very recently, we’ve been shown just how serious that can become…

Why?  A “zero day” (meaning something completely unprotected against by either antivirus or other means) vulnerability was discovered within most versions of Microsoft’s Internet Explorer that could allow someone to remotely control your computer using your own security privileges.

Sounds pretty scary, right?  Panic did set in quite quickly…

The Director of Homeland security last week set the new record for the quickest over-the-top public display of sheer panic by telling the public at large to stop using Microsoft’s Internet Explorer completely and recommended everyone immediately switch to Firefox or Chrome.

Who wouldn’t take them seriously?  Everyone keeps telling you how every hacker on the planet is now targeting you and your XP machine.  But is it really the end of the road for your XP machine?  Are you left hanging in the breeze with no recourse?  The answer may surprise you.

So let’s look at how many ways XP was protected last week when a supposedly devastating vulnerability sent even Homeland security scurrying for cover:

The first thing we will look at is the most obvious:  Microsoft itself.  Microsoft had actually released a tool that stopped the latest vulnerability long before (November of 2013) this zero day ever took center stage.

It’s called EMET, or Enhanced Mitigation Experience Tool.  In Microsoft’s own words:   EMET “is a utility that helps prevent vulnerabilities in software from being successfully exploited.” It does this by throwing up roadblocks to malicious execution of system files in a wide variety of ways.  You can find more detailed info by following the link at the bottom of this article.

EMET has been around for nearly 3 years now and contains a wide variety of protection options that I won’t go into here, but I mention here because one of those tools is a full mitigation, or lock-down of Internet Explorer.  This single feature stops the zero day vulnerability that hit last week cold in its tracks all by itself without a Microsoft patch, without antivirus updates and most notably, with only very minor side effects.  IN fact, when I deployed this within an environment running nearly 1000 pieces of software and over 700 users, I experienced only a single problem which was resolved within an hour.

With this in mind, any IT department would be hard pressed to justify not deploying EMET as soon as possible and keep it in place indefinitely.

In short, if you don’t have this free tool deployed on your home computer and on your entire business network, you are needlessly exposing your Infrastructure to attack.

It doesn’t get any simpler than that.

 

 

Just my view from the cheap seats…

Homeland Security Director’s panic attack:  http://www.usatoday.com/story/news/usanow/2014/04/28/internet-explorer-bug-homeland-security-clandestine-fox/8409857/

Microsoft’s EMET release announcement:  http://blogs.technet.com/b/srd/archive/2013/11/12/introducing-enhanced-mitigation-experience-toolkit-emet-4-1.aspx

ISSA (Information Systems Security Association):  Using EMET to prevent targeted attacks

UA-49470327-1
x Shield Logo
This Site Is Protected By
The Shield →