The goal was to outline how browser-based client-side attacks happen and what access
an attacker can leverage from a successful attack.We also want to point out how you can
either protect yourself completely from client-side attacks, or drastically reduce the
effect of a successful client-side attack on your workstation.
Keep Up-to-Date on Security Patches
This one can almost go without saying, but it??™s important to point out that most realworld
compromises are not due to zero-day attacks. Most compromises are the result of
unpatched workstations. Leverage the convenience of automatic updates to apply
Internet Explorer security updates as soon as you possibly can. If you??™re in charge of the
security of an enterprise network, conduct regular scans to find workstations that are
missing patches and get them updated. This is the single most important thing you can
do to protect yourself from malicious cyberattacks of any kind.
Stay Informed
Microsoft is actually pretty good about warning users about active attacks abusing
unpatched vulnerabilities in Internet Explorer. Their security response center blog
(http://blogs.technet.com/msrc/) gives regular updates about attacks, and their security
advisories (www.
Pages:
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695