Recently we had to wrestle with the Heartbleed bug. Heartbleed, was/is a major flaw in certain versions of OpenSSL, which is itself an “open source” project/application/codebase… This has had all of the armchair developers (myself included in that mix) either defending the concept of open-development or attacking it on grounds that it is less secure. I hold strongly to the former opinion that open development is a better way of doing things but that is rooted more in my personal philosophies (which I do believe have merit) and not exactly in some strong study on the issue itself.
A quick Google search shows me that most people don’t even think about it, they just speak their mind and move on (like so many other topics…) and as a result make a lot of idiotic statements one way or the other. Hopefully this isn’t just another idiotic statement adding to the noise :). That same search also tells me that very little hard research has been done on the matter to validate anyone’s opinions.
Well, now a critical error has been found in Internet Explorer and there has already been evidence of its exploitation in the wild. (more…)
So you have just built your brand new Server 2012 box and need to download and install some software to get it up and running for the intended user. You open up IE because that is the only browser installed on a new box and hop on over to the download site, click the link to download and STOP…
“Security Alert: Your current security settings do not allow this file to be downloaded.”
Oh yes, you know the fix for this, go to server manager, fumble around and hit “local server” and then find the “IE Enhanced Security Configuration” and turn it off. Restart Internet Explorer…
It still won’t let you download and gives you the same message…
So what gives? You are a local admin on the box (at least, maybe even a Domain admin…), turned off Enhanced Security, and yet, Microsoft still says no. Do the following as turning off Enhanced Security Mode is part 1 but you need part 2.
- Open up Internet Explorer (IE)
- Click the “Gear” in the upper-right-hand corner
- Click Properties
- Click the Security Tab
- Click “custom level” button while “internet” up top is highlighted..
- Scroll Down and find the Downloads Section –> File Download
- Tick “enable” then “ok” and “Apply” and get out and back to work
Thank you Microsoft for babysitting us all until we absolutely lose our minds…