Newsroom
April 29, 2014
Microsoft security flaw affecting IE users
April 30, 2014 – Online banking users using the Internet Explorer browser could be at risk from a security flaw announced by Microsoft, according to reports.
American Banker reported that Microsoft made the announcement on Saturday and that the security flaw exists in Internet Explorer versions 6 through 11, which the article said affects about one in four online users. It says Microsoft acknowledged "limited attacks" due to the security flaw and described the flaw as a "remote code execution vulnerability."
The Financial Services Information Sharing and Analysis Center, quoted in the article, said the flaw is not an easy one for a cybercriminal to exploit. FS-ISAC gathers information about cyber and physical security risks faced by the financial services industry. It works with the Financial Services Sector Coordinating Council, of which NAFCU is a member.
Experts in the Banker article noted that the easiest target for hackers in this case will likely be those who are continuing to use Windows XP since Microsoft ended its support of the operating system on April 8. (The NAFCU Compliance Blog previously reported on the XP issue.)
The United States Computer Emergency Readiness Team, or US-CERT, also released an alert regarding the IE flaw. "US-CERT recommends that users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds," the alert stated.
American Banker reported that Microsoft made the announcement on Saturday and that the security flaw exists in Internet Explorer versions 6 through 11, which the article said affects about one in four online users. It says Microsoft acknowledged "limited attacks" due to the security flaw and described the flaw as a "remote code execution vulnerability."
The Financial Services Information Sharing and Analysis Center, quoted in the article, said the flaw is not an easy one for a cybercriminal to exploit. FS-ISAC gathers information about cyber and physical security risks faced by the financial services industry. It works with the Financial Services Sector Coordinating Council, of which NAFCU is a member.
Experts in the Banker article noted that the easiest target for hackers in this case will likely be those who are continuing to use Windows XP since Microsoft ended its support of the operating system on April 8. (The NAFCU Compliance Blog previously reported on the XP issue.)
The United States Computer Emergency Readiness Team, or US-CERT, also released an alert regarding the IE flaw. "US-CERT recommends that users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds," the alert stated.
Share This
Related Resources
Resiliency In Your Incident Response Plan
Cybersecurity
preferred partner
DefenseStorm
Blog Post
The Bottom Line on Insurance Tracking and Collateral Protection
Strategy
preferred partner
Allied Solutions
Blog Post
Add to Calendar 2024-04-15 09:00:00 2024-04-15 09:00:00 Mergers and Acquisitions: Unifying Two Different Executive Total Compensation and Benefits Programs Listen On: Key Takeaways: [03:50] With the merger of a smaller credit union into a larger one you are really only dealing with integrating staff into the larger credit union. [05:53] When working with a merger of equals we start with a deep dive into the executive compensation and benefits of each organization. [09:09] If your current executive benefits provider doesn’t conduct regular plan evaluations, consider having a plan audit anyway. [13:46] Don’t overpay for these things if you don’t have to. When you have more options available that means the cost is more appropriate. [17:11] It is in a unified organization’s best interest to do tier timelines where we look at your top executives who are critical to the unified organization’s success today and then slowly add in the next levels. Web NAFCU digital@nafcu.org America/New_York public
Mergers and Acquisitions: Unifying Two Different Executive Total Compensation and Benefits Programs
preferred partner
Gallagher
Podcast
Add to Calendar 2024-04-11 14:00:00 2024-04-11 14:00:00 Regulation E: Impacts Across Your Institution Dive into regulatory excellence with, Regulation E: Impacts Across Your Institution. This webinar is tailored to empower you with the knowledge and strategies necessary to effectively implement the Electronic Funds Transfer Act (EFTA) and Regulation E within your operations. You’ll explore how to apply Regulation E across various business areas to ensure compliance obligations are met with precision. Key Takeaways Learn the basics of EFTA and Regulation E Understand how to apply Regulation E at your organization to detect processes and transactions that require Regulation E compliance Discover how Regulation E may apply to a large breath of areas in your institutions and functions for which you may rely on third-party vendors Review recent enforcement activity for non-compliance with EFTA and Regulation E Register Now $295 Members | $395 Nonmembers(Additional $50 for USB)One registration gives your entire team access to the live webinar and on-demand recording until April 11, 2025Go to the Online Training Center to access the webinar after purchase » Who Should Attend NCCOs NCRMs Compliance and risk titles Education Credits NCCOs will receive 1.0 CEUs for participating in this webinar NCRMs will recieve 1.0 CEUs for participating in this webinar Web NAFCU digital@nafcu.org America/New_York public
Regulation E: Impacts Across Your Institution
Credits: NCCO, NCRM
Webinar
Get daily updates.
Subscribe to NAFCU today.