(Page 2 of 2)
FireEye is reporting active attacks against companies in the U.S. with ties to the defense and financial sectors. But, ultimately, any enterprise that uses IE is at risk. From Reguly's perspective, this isn't the first time we're hearing about an Internet Explorer zero-day this year and it won't be the last. The solution: make sure that systems have the best protection possible.
Mitigating the Risk
"The best advice is to ensure all systems have EMET (Microsoft's Enhanced Mitigation Experience Toolkit) deployed and that unnecessary browser add-ons are disabled. This should be part of an enterprise's standard security posture and shouldn't require extra cycles or last-minute deployment," Reguly said. "If companies aren't taking these basic steps to adequately defend their systems by deploying the tools available to them, a new zero-day is probably the least of their concerns."
Reguly's colleague, Tripwire security researcher Craig Young, told us despite the fact that this vulnerability is being actively exploited in the wild, and the Bromium Labs report that many EMET features can be bypassed, users and administrators should not feel helpless.
"EMET may not be perfect but it has been hugely successful at preventing exploitation of zero-day threats," Young said. "If you haven't used it yet, now is a great time to start."