The following is from a Microsoft informational email – We thought you would find it interesting and useful
|
|
|
|
endif]>
Category: Security
New Vulnerability Found in Internet Explorer
You may have already read about new vulnerability found in Internet Explorer (All versions). Microsoft does not yet have a fix for this issue. Here are two things you can do to stay safe in the meantime: – If you have an alternative browser such as Firefox or Google Chrome, use it. – This exploit works primarily by luring you to infected sites. So practice safe surfing when using IE: do not click on links in emails unless you are certain they are safe. Do not click on links in unexpected pop-ups
This may also be time to think about working as a Standard (Restricted) user as opposed to an Administrator.
Below are links to the Microsoft Security Advisory and some commentary by Gizmodo
Microsoft Security Advisory 2963983
New Vulnerability Found in Every Single Version of Internet Explorer
And last, but not least…
Steve Gibson, from GRC, has just posted the following mitigation. I cannot attest to how good it is, or what effect it will have, but Steve is usually very good about such things (why is why I am posting it here.
A quick mitigation for Internet Explorer’s new 0-Day vulnerability
As always…
Contact Us to book an appointment or to discuss your needs further.
Tips for creating a strong password
Passwords provide the first line of defense against unauthorized access to your computer. The stronger your password, the more protected your computer will be from hackers and malicious software. You should make sure you have strong passwords for all accounts on your computer. If you’re using a corporate network, your network administrator might require you to use a strong password.
What makes a password strong (or weak)?
A strong password:
- Is at least eight characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete word.
- Is significantly different from previous passwords.
- Contains characters from each of the following four categories:
|
Character category
|
Examples
|
|---|---|
|
Uppercase letters |
A, B, C |
|
Lowercase letters |
a, b, c |
|
Numbers |
0, 1, 2, 3, 4, 5, 6, 7, 8, 9 |
|
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces |
` ~ ! @ # $ % ^ & * ( ) _ – + = { } [ ] \ | : ; ” ‘ < > , . ? / |
A password might meet all the criteria above and still be a weak password. For example, Hello2U! meets all the criteria for a strong password listed above, but is still weak because it contains a complete word. H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces.
Help yourself remember your strong password by following these tips:
- Create an acronym from an easy-to-remember piece of information. For example, pick a phrase that is meaningful to you, such as My son’s birthday is 12 December, 2004. Using that phrase as your guide, you might use Msbi12/Dec,4 for your password.
- Substitute numbers, symbols, and misspellings for letters or words in an easy-to-remember phrase. For example, My son’s birthday is 12 December, 2004 could become Mi$un’s Brthd8iz 12124 (it’s OK to use spaces in your password).
- Relate your password to a favorite hobby or sport. For example, I love to play badminton could become ILuv2PlayB@dm1nt()n.
If you feel you must write down your password in order to remember it, make sure you don’t label it as your password, and keep it in a safe place.
(Comment from UA: A better solution is to use a password manager tool such as Lastpass to keep your passwords for you. You only need to remember one strong password (make sure it is a good one as it is the “keys to the kingdom”) and then use Lastpass to generate super strong ones for all your other needs and remember them for you. 2 Factor authentication is always a good idea when it is available.)
Creating stronger passwords using ASCII characters
You can also create passwords that use extended ASCII characters. Using extended ASCII characters helps make your password more secure by increasing the number of characters you can choose from to create a strong password. Before using extended ASCII characters in your password, make sure that passwords containing them are compatible with the programs that are used by you or your organization. Be especially cautious about using extended ASCII characters in passwords if your organization uses several different operating systems or versions of Windows.
You can find extended ASCII characters in Character Map. Some extended ASCII characters should not be used in passwords. Do not use a character if a keystroke is not defined for it in the lower-right corner of the Character Map dialog box. For more information, see Using special characters (Character Map): frequently asked questions.
Windows passwords can be much longer than the eight characters recommended above. In fact, you can make a password up to 127 characters long. However, if you are on a network that also has computers running Windows 95 or Windows 98, consider using a password that is no longer than 14 characters. If your password is longer than 14 characters, you might not be able to log on to your network from computers running those operating systems.