Results 1 to 12 of 12
  1. #1
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,058
    Thanks
    196
    Thanked 766 Times in 700 Posts

    MS tools to protect IE 9 and 10 until 3/11 Patch Tuesday

    Hey Y'all,

    If you're using IE 10 please read this Article. HTH
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Also applies to those of us who are still on IE 9, such as anyone who has graphical problems on installing the Platform Update required before upgrading above IE 9 (http://support.microsoft.com/kb/2670838 - affects a broad range of AMD graphics users).

    Modified the topic title to suit.

  4. #3
    Silver Lounger
    Join Date
    Aug 2012
    Posts
    1,687
    Thanks
    27
    Thanked 235 Times in 230 Posts
    Quote Originally Posted by satrow View Post
    Also applies to those of us who are still on IE 9, such as anyone who has graphical problems on installing the Platform Update required before upgrading above IE 9 (http://support.microsoft.com/kb/2670838 - affects a broad range of AMD graphics users).

    Modified the topic title to suit.
    Given the release date in that article, wouldn't those of us it had applied to have already gotten that update at the time through the monthly updates ?

    I'd been alerted to this threat and later, the temp workaround in another forum but having upgraded from IE 10 to 11 in between and the compatibility problems with that and my ISP's e-mail, I used the Shim after reverting to IE 10 and ensuring that I had the latest updates for it.

  5. #4
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Quote Originally Posted by Sudo15 View Post
    Given the release date in that article, wouldn't those of us it had applied to have already gotten that update at the time through the monthly updates ?

    I'd been alerted to this threat and later, the temp workaround in another forum but having upgraded from IE 10 to 11 in between and the compatibility problems with that and my ISP's e-mail, I used the Shim after reverting to IE 10 and ensuring that I had the latest updates for it.
    The release date means little - it was originally published some months prior to the given date, when IE 10 became available as a Beta. That KB page has also gone through multiple changes since that time, some 6+, iirc.

    If you have IE 10 or 11, you will already have that KB installed, they cannot be installed without it.

  6. The Following User Says Thank You to satrow For This Useful Post:

    Sudo15 (2014-02-23)

  7. #5
    3 Star Lounger
    Join Date
    Mar 2010
    Location
    USA
    Posts
    240
    Thanks
    44
    Thanked 32 Times in 25 Posts
    For the protection (other than upgrading to IE11), can't we just install EMET (Enhanced Mitigation Experience Toolkit) to Win7 (x32 or x64)?
    Or is there a problem with EMET on Win7, x32 or x64?
    Please advise.

  8. #6
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,726
    Thanks
    78
    Thanked 336 Times in 304 Posts
    Quote Originally Posted by scaisson View Post
    For the protection (other than upgrading to IE11), can't we just install EMET (Enhanced Mitigation Experience Toolkit) to Win7 (x32 or x64)?
    Yes.


    Quote Originally Posted by scaisson View Post
    Or is there a problem with EMET on Win7, x32 or x64?
    Please advise.
    No.


    Bruce

  9. The Following User Says Thank You to BruceR For This Useful Post:

    scaisson (2014-02-25)

  10. #7
    3 Star Lounger
    Join Date
    Mar 2010
    Location
    USA
    Posts
    240
    Thanks
    44
    Thanked 32 Times in 25 Posts
    @BruceR, that clarifies it. Thanks

    [edit]
    RetuiredGeek has just posted about the vulnerability of EMET:
    http://windowssecrets.com/forums/sho...280#post942280

    No security method is 100%. It is how much hindrance/cost added to the attack effort. I'll use EMET until a better and simpler patch.
    Last edited by scaisson; 2014-02-25 at 23:41.

  11. #8
    Silver Lounger
    Join Date
    Aug 2012
    Posts
    1,687
    Thanks
    27
    Thanked 235 Times in 230 Posts
    Had the out of cycle MS update today for what I assume is to combat the Zero Day Exploit (unless it's in disguise) - KB2923545

  12. #9
    New Lounger
    Join Date
    Jan 2010
    Location
    Ohio
    Posts
    7
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by RetiredGeek View Post
    Hey Y'all,

    If you're using IE 10 please read this Article. HTH
    Our company uses Win 7 64-bit with IE 9. I want to email all of our users a link to the Microsoft Fix It, but when I tested that email / link, I found that our users could not run the Fix It without a system administrator login. Do you know of a way to fix that issue?
    I appreciate any help. thanks

  13. #10
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    2,726
    Thanks
    78
    Thanked 336 Times in 304 Posts
    Quote Originally Posted by Sudo15 View Post
    Had the out of cycle MS update today for what I assume is to combat the Zero Day Exploit (unless it's in disguise) - KB2923545
    I don't think that's connected. It's a non-security update for RDP, not a security patch for IE9/10.


    Quote Originally Posted by techdls View Post
    Our company uses Win 7 64-bit with IE 9. I want to email all of our users a link to the Microsoft Fix It, but when I tested that email / link, I found that our users could not run the Fix It without a system administrator login. Do you know of a way to fix that issue?
    I appreciate any help. thanks
    If your company doesn't want users to install programs (or patches or shims), I don't think there's any way round it.

    At least IE9 is not being actively exploited like IE10 according to Microsoft (see yellow "Vulnerable, not under attack" v. red "Under attack" in the risk chart at Platforms Affected.)

    Bruce

  14. The Following User Says Thank You to BruceR For This Useful Post:

    techdls (2014-02-27)

  15. #11
    Star Lounger
    Join Date
    Nov 2012
    Location
    Maryland, USA
    Posts
    51
    Thanks
    0
    Thanked 1 Time in 1 Post
    Okay. so the latest Cumulative Security Update For IE9 for Win 7 x64 (my system) has been out since March 11th (KB2925418). I'm not hearing of anybody getting "arrows in backs" so far, so is it okay to just update and get rid of the problem? Comments & replies are welcome.

  16. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Quote Originally Posted by CEScott View Post
    Okay. so the latest Cumulative Security Update For IE9 for Win 7 x64 (my system) has been out since March 11th (KB2925418). I'm not hearing of anybody getting "arrows in backs" so far, so is it okay to just update and get rid of the problem? Comments & replies are welcome.
    Well, I'm on W7x64 and out of all the included patches, I think only 2 might be applicable to my system, that left a lot that weren't - like last time around, when iirc, there were only 2/~20, I declined the offer, mostly because I didn't want any interruptions due to troubleshooting possible problems due to updates I can't use (I do take the time to comment to MS about the individual updates included in these roll-ups not being available in a standalone format though).

    I've not had time to check for complaints about it, so I really don't know what to advise you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •