On April 26th, Microsoft revealed that hackers are exploiting a critical vulnerability in their Internet Explorer browser to victimize users with so called “drive by download” attacks. Such attacks download and execute malicious software on the victim’s computer, often for the purpose of committing financial fraud.
According to Microsoft, the problem is a remote code execution vulnerability and involves the way IE accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.
In a drive by download scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the website where malicious software will be downloaded to their computer.
It is important to note that until a patch is available from Microsoft, the vulnerability exists on all versions of IE going back to IE 6 and for all versions of Windows from XP forward. As of this minute, essentially all IE Windows users are vulnerable. Microsoft does not usually release patches outside of their normal schedule, but will rush a fix out because the next regularly-scheduled patch is Tuesday is May 13, just over two weeks away.
When Microsoft eventually provides a patch, it will only be for Windows Vista and higher. Windows XP users will be left in the cold, unless they or their organization pay for a very expensive extended support contract. As of March, 28% of all desktops were operating with Windows XP.
Regardless of what version of Windows you are using, you will be protected from such Drive by Downloads if you use Comodo security and run your browser in the sandbox, aka virtual browsing, or use the Virtual Desktop which provides a virtual environment for all of your activities.
The sandbox is a secure system area isolated from the rest of the operating system. Any malicious files you download will be contained where they cannot harm your computer or your file system. With Comodo Internet Security installed, you can run a browser in the sandbox or easily switch from their regular desktop to the Virtual Desktop, fully secure virtual environment. The following are various ways to browse secure with Comodo Internet Security and sandboxing.
Run Browser from the Desktop Widget
The easiest way to run a browser in the Comodo sandbox is to click on the browser icon within Comodo desktop widget. Comodo website security software will automatically detect installed browsers and show them in the widget. The image below shows the desktop widget with the Internet Explorer sandboxed.
Note the green line around the browser window indicating it is running sandboxed and secure.
Even unpatched Windows XP users will be fully protected when running in the sandbox!
Run Browser in Sandbox – One Time
To run the browser, or any program, in the sandbox you can simply right click on the program or desktop icon and select Run in COMODO Sandbox, as shown to the right.
Run Browser in Sandbox – Always
You can set your browser, or any program to run in the sandbox every time you run.
- Open the Task window.
- Select Task.
- Select Sandbox Tasks to reveal the sandbox options. (See image)
- At the pop-up window, select Choose and Run.
- Navigate to the program file and select Open.
The Internet Explorer program file is normally in C:\Program Files\Internet Explorer
Run Virtual Desktop
The Virtual Desktop is a complete system environment where every program you run and file you create is isolated in a secure, contained area.
To run the Virtual Desktop, simply do the following:
- Open the Task window.
- Select Virtual Desktop.
The Virtual Desktop displays, a shown below.
The Virtual Desktop is recommended for:
- Secure online banking: Virtual Desktop prevents key loggers from sniffing your keyboard activity when you go to the banking sites. By using its virtual keyboard, you are protected even against hardware based key loggers!
- Secure Surfing: Whatever runs in the Virtual Desktop, stays in the Virtual Desktop! That’s right. Even if you are accidentally infected by a virus it is not going to affect your computer. It cannot do any damage outside the Virtual Desktop!
- Locking down your computer: If other uses must access your computer, you can force them to use the Virtual environment. For example, you can allow the kids to do whatever they want in the Virtual Desktop without changing anything on your PC.
- A new user experience: Ever wanted to use Windows like an iPad? The touch friendly Virtual Desktop makes that possible.
Don’t have Comodo Security?
Comodo Security is available for both personal computer users and as part of a business enterprise solution:
- For businesses requiring managed security solutions, visit www.comodo.com/business-enterprise/cesm3/index_v2.php
- For home users, you can download Comodo Internet Security, complete with the Virtual Desktop, at: www.Comodo.com/home/internet-security/free-internet-security.php