Internet Explorer (IE) has had many security vulnerabilities and concerns as the web browser has evolved. Microsoft has continually improved the security with each new IE version; however, each version carries different risks and unique vulnerabilities to be addressed. Analysts can address certain risk by verifying which systems are running a particular version of IE. Vulnerabilities found in IE by Tenable.sc Continuous View (CV) range in severity from low to critical, which can aid organizations in mitigating the most severe vulnerabilities first. Internet Explorer 11 is the most current and only version supported. Microsoft stopped providing security updates or technical support as of January 12, 2016 for all other versions. Organizations should be aware and take action if older versions have not been updated to Microsoft Edge or at least a fully patched IE 11. This dashboard will highlight any IE vulnerabilities present within the network.
IE provides support for plugins and add-ons to be installed such as Flash, Java, ActiveX and third-party toolbars. Many of these browser plugins add additional security risks with vulnerabilities that require updating and patching as well. Add-ons and plugins are given permissions and control of the functionality of IE. With control of IE functionality, these add-ons may lead to compromise and should be considered a risk. Security updates patch vulnerabilities that may be exploited by malware often take advantage of those IE exploits and help to keep users and their data safer. Applying security updates help protect computers from malicious attacks, so upgrading and staying current is important.
This dashboard displays vulnerabilities found in Internet Explorer, and assists analysts in determining the level of risk associated with the web browsers' use. As with all browsers, Internet Explorer has become an important tool utilized in many organizations. As web interfaces gain ground with current business software trends, so will the increased need to determine the risk associated with IE and the monitoring of those vulnerabilities. Tenable.sc CV incorporates continuous monitoring that allows analysts to gain insight into systems that are not being patched on a regular basis. Given this information, analysts can develop more effective mitigation plans and reduce risk in the enterprise.
The Internet Explorer Vulnerabilities dashboard is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Discovery & Detection.
The dashboard requirements are:
- Tenable.sc 5.4.5
- Nessus 8.6.0
- LCE 6.0.0
- NNM 5.9.0
- This dashboard requires “Full Text Search” to be enabled for each analyzed repository.
Tenable's Tenable.sc CV provides continuous network monitoring, vulnerability identification and security monitoring. Tenable.sc CV is continuously updated with information about advanced threats, zero-day vulnerabilities and new types of regulatory compliance configuration audit files. Tenable constantly analyzes information from our unique sensors, delivering continuous visibility and critical context, and enabling decisive action that transforms a security program from reactive to proactive. Active scanning periodically examines the applications on the systems, the running processes and services, web applications, and configuration settings. Agent scanning enables scanning and detection of vulnerabilities on transient and isolated devices. Passive listening provides real-time discovery of vulnerabilities on operating systems, protocols, network services, wireless devices, web applications and critical infrastructure. With this information, analysts can better analyze risk and create remediation strategies. Tenable enables powerful, yet non-disruptive, continuous monitoring of the organization to ensure vulnerability information is available to analysts.
The components included with this dashboard are:
Internet Explorer Vulnerabilities - Vulnerability Summary: This component summary has a count of each host impacted and searches for vulnerabilities using CPE strings along with Java and Flash plugins. Findings highlight the level and count of vulnerabilities discovered in the matrix. Internet Explorer vulnerabilities range from info to critical.
Internet Explorer Vulnerabilities - Exploitable Vulnerabilities: This table displays an IP address summary with FQDN, if available, of systems with exploitable vulnerabilities in Internet Explorer. Each host is given a score and highlights the medium to critical range of vulnerabilities found.
Internet Explorer Vulnerabilities - IE Version Detection: The IE Version Detection component detects the versions of Internet Explorer present on the network. This component uses the Tenable products Nessus, NNM and LCE. The plugins that detect the version of Internet Explorer use user agent strings or registry values.
Internet Explorer Vulnerabilities - Internet Explorer Could Allow Remote Code Execution: This component identifies systems that are running Internet Explorer affected by an unspecified use-after-free vulnerability. Each cell highlights and changes color when a system found with an unspecified use-after-free vulnerability related to VML and Flash components.
Internet Explorer Vulnerabilities - Enhanced Mitigation Experience Toolkit (EMET): This component displays host counts of systems running Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool for mitigating security vulnerabilities in Windows applications.
Internet Explorer Vulnerabilities - IE Related Vulnerabilities: The IE Related Vulnerabilities component focuses on vulnerabilities found in IE with add-ons, plugins and toolbars. Each cell reports the number of systems with these IE additions installed and changes color when matches are discovered.
Internet Explorer Vulnerabilities - 90 Day Vulnerability Trending: This component displays a 90-day trend analysis of all Microsoft Internet Explorer medium, high and critical vulnerabilities.