Microsoft recently confirmed that Internet Explorer browsers from version 6 to version 11 are impacted by a major vulnerability that could allow remote code execution. What this means is that a sophisticated attacker can essentially own your machine through specific code manipulation. In fact, the U.S. government has issued a stern message advising all users to stop using Internet Explorer until a patch is issued.
Over the past few years, innumerable vulnerabilities have been discovered in every browser, and every kind of active content has given rise to effective attack channels. The reality is that HTML, CSS, Java Script, Java, Active X, Flash and all other content rendered by browsers are far too complicated to ever allow anyone to create a fully featured browser that would be completely resistant to attack.
We know with certainty that over 90% of all successful attacks come through the browser, yet few have thought to address this gaping security hole. It is essentially the enterprise’s Achilles heel.
Ntrepid has moved on to a new paradigm where security failures in browsers don’t lead to a total collapse of the security perimeter and compromise of sensitive data and infrastructure.
It is not enough to simply isolate the computer, if the attacker can use the browser beachhead to search the local network for vulnerable devices. Similarly, isolating the network, while allowing the compromise of the host computer would allow far too much damage. By isolating both, the attack can be effectively contained and any damage minimized.
Passages was designed for exactly this kind of threat. Passages isolates the browser within a fully virtualized hardened operating system, which is burned down and re-created from a known clean image every session. All network communications with that virtual machine is itself isolated from the local network through a secure VPN tunnel protecting the local network from any attack or observation. By isolating both, the attack can be effectively contained and any damage minimized. Passages is the only secure browsing platform to provide robust protection for both the computer and the network simultaneously. If you’re interested, check out GetPassages.com to sign up and be part of our pilot program.