A mitigating factor is a configuration, setting or best practice that exists by default and lessens the severity of the damage if the vulnerability is exploited. Several mitigating factors apply to this vulnerability:

– In a web-based attack, the attacker has to place specially crafted code on a website so that it runs when a visitor views the page. There is, however, no way for the attacker to force a user to visit that website; the attacker has to persuade the user to do so, usually by getting them to click a link sent by email or provided in a chat window.

– An attacker who successfully exploits the vulnerability gains only the privileges of the currently logged-in user. Configuring user accounts with lower access rights therefore limits the impact of the exploit on the system.

– By default, all versions of Windows Mail, Microsoft Outlook and Outlook Express open HTML email in the Restricted sites zone. This setting mitigates the attack by preventing Active Scripting and ActiveX controls embedded in the HTML from running when the email is read. However, if the user clicks a link included in the message, the web-based attack scenario applies and the user could still be exploited.

– Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode by default. This mode, called Enhanced Security Configuration, sets the security level of the Internet zone to High and helps mitigate attacks from websites that have not been added to the Trusted sites zone.

– Users who have upgraded to Internet Explorer 7 or 8 cannot be attacked through this vulnerability.

Microsoft also recommended two workarounds that can be used to protect a system against this vulnerability:

– Setting the Internet and Local Intranet security zones in Internet Explorer to “High”, so that the browser prompts before running any Active Scripting or ActiveX controls.
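As an added example (not from the original article or from Microsoft's advisory), the following PowerShell audits the two actions named in this workaround, Active Scripting and ActiveX controls, in the Internet and Local Intranet zones for the current user, and can set them to Prompt. It enforces those two specific actions rather than switching the whole zone template to High; the function name is our own, while the registry path and the 1200/1400 action codes are the documented Internet Explorer zone settings.

```powershell
# Added example, not part of the original article. Audits (and optionally applies) the
# "prompt before Active Scripting / ActiveX" workaround for the current user's IE zones.
# Note: if the "Security Zones: Use only machine settings" policy is enabled, the
# effective values live under HKLM instead of HKCU and this check does not see them.

$ZoneBase = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

# Zone numbers as used under the Zones key: 1 = Local Intranet, 3 = Internet
$Zones = @{ 1 = 'Local Intranet'; 3 = 'Internet' }

# Per-zone action codes: 1200 = Run ActiveX controls and plug-ins, 1400 = Active scripting
$Actions = @{ 1200 = 'Run ActiveX controls and plug-ins'; 1400 = 'Active scripting' }

# Setting codes stored in each action value: 0 = Enable, 1 = Prompt, 3 = Disable
$Meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Test-IeZoneWorkaround {
    [CmdletBinding()]
    param([switch]$Apply)   # -Apply sets any non-compliant action to Prompt (1)

    foreach ($zone in $Zones.Keys) {
        $key   = Join-Path $ZoneBase $zone
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        foreach ($action in $Actions.Keys) {
            $name  = $action.ToString()
            $value = $null
            if ($props -and $props.PSObject.Properties[$name]) { $value = [int]$props.$name }

            # Compliant when the action is Prompt (1) or Disable (3); Enable (0) or an
            # unset value means the workaround is not in place for this zone.
            $compliant = $value -in 1, 3
            if (-not $compliant -and $Apply) {
                Set-ItemProperty -Path $key -Name $name -Value 1 -Type DWord
                $value = 1; $compliant = $true
            }

            $setting = if ($null -eq $value) { 'not set' } else { $Meaning[$value] }
            [pscustomobject]@{
                Zone      = $Zones[$zone]
                Action    = $Actions[$action]
                Setting   = $setting
                Compliant = $compliant
            }
        }
    }
}

# Audit only; run "Test-IeZoneWorkaround -Apply" to set non-compliant actions to Prompt.
Test-IeZoneWorkaround | Format-Table -AutoSize
```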

