Better Business Bureau (BBB) is urging all consumers and businesses to pay close attention to a Cyber Security Advisory issued by the Federal Bureau of Investigation regarding a vulnerability in Microsoft's Internet Explorer 8 browser (IE8) that could allow scammers to access and take over users' computers. The risk for all users – home, business and government – is high, and BBB is urging anyone with IE8 to follow the recommended steps to address the problem.
The problem was first announced yesterday, and last night Microsoft released a temporary fix. Here is the original overview from the FBI:
"A vulnerability has been discovered in Microsoft's web browser, Internet Explorer, which could allow an attacker to take complete control of an affected system. Exploitation may occur if a user visits or is redirected to a web page which is specifically crafted to take advantage of the vulnerability. Successful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploit attempts may result in a denial-of-service condition."
Microsoft is working on a patch to undo the vulnerability, which does not affect other versions of IE.
"BBB recommends that everyone with Internet Explorer 8 apply the temporary fix immediately," said Ben Steinberg, Chief Information Officer of the Council of Better Business Bureaus. "If you are not sure which version you have, try running the fix. If you don't have IE8, the fix will stop running and let you know that your system is not at risk. Microsoft will let you know when the patch is available, and you need to download that as soon as it is."
"This is a good opportunity for BBB to reinforce how critical it is to maintain up-to-date anti-virus software on every computer, tablet and smart phone connected to the internet," Steinberg added. "Consumers also need to be extremely cautious when clicking on links in email and social media messages, or opening email attachments. Scammers are very sophisticated in their techniques, and the results can be devastating: identity theft, loss of personal data, bank and credit card fraud. If you are not sure, don't click."