Ask Slashdot: How To Communicate Security Alerts? 84
Capt.Michaels writes: "I need to start sending security alerts and warnings to employees at my somewhat sizable company. My problem: I'm not sure how to send these alerts without freaking everyone out and causing the help desk to get flooded with phone calls. For example, let's take the current Internet Explorer exploit that caused US-CERT to recommend switching browsers. I don't want everyone killing our limited help desk with ridiculous questions like, 'I downloaded $New_Browser, how can I get my toolbar? How do I bookmark things in this browser? Can you tell me which browser you recommend?' Simply put: some vulnerabilities are worth major changes, but many aren't. If we switched software every time a new vulnerability came out, we'd never get anything done. Sooner or later, a patch will come out, and everything will be back to normal. But how do I communicate to end users that they should be aware of an issue and take extra care until it's fixed, without causing panic?"
Re:My thoughts. (Score:2, Informative)
Then you could sit tight waiting on a patch for your existing browser
That patch he was waiting for? it was pushed yesterday ... FYI.
If he followed your advice, he would have spent more time creating, testing, and implementing the scripts/GPO's you suggested, than it took to get the patch. Plus he'd get to have all the fun of hearing from the Help Desk about users who're confused by a different browser appearance, and oh, hey, where'd all of my favourites go?
Not to mention, if the enterprise also uses GPO's to manage browser functionality / appearance / behaviour, woops, none of that on Chrome/Safari/Firefox...
If he did ANYTHING, on Monday, he could have pushed EMET to his Windows Vista/7/8.x clients, thereby hardening all of them against not only this attack, but also most others going forward; IE11 with EMET has YET to be compromised and was the ONLY browser configuration that came out of PWN2OWN undefeated; (FWIW: If you think that's just from weak-efforts, and manage to find a way to defeat it, there's a $150,000 [wmpoweruser.com] reward available...)
-AC
fix it at the proxy level (Score:4, Informative)
This will:
If you're not using an outbound proxy, god help you.