Consumer Alert: Microsoft says your PC may be at risk. Here’s what you need to do.

[anvplayer video=”5054960″ station=”998131″]

ROCHESTER, N.Y. (WHEC) — Today we’re alerting you to a warning from Microsoft. The company has discovered that hackers have found a new way to infect your computer with malware.

Hackers are exploiting a vulnerability in the Microsoft Windows version of Internet Explorer. So the onus is on Microsoft to fix it. But here’s the problem. They haven’t developed a patch yet. So protecting our computers is up to us.

Here’s what Microsoft is saying: "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft office documents."

So here’s what’s happening. Hackers are targeting victims through Microsoft Office documents. They trick you into opening a malicious office document. And that spells trouble. Your click then opens a page on Internet Explorer and unleashes malware onto your computer.
So first you need to assess whether you’re at risk. If you’re using Explorer, you’re at risk.

Explorer has been Microsoft’s browser of choice for 25 years. Click here to see what the Explorer browser symbol looks like.

But if you have Windows 10 installed on your PC, the default browser is Microsoft’s new baby, Microsoft Edge. Click here to see what the symbol for Edge looks like. If you’re using Edge, you’re likely not at risk.

So for Microsoft Explorer users, the first thing you need to do is disable Active X software from Internet Explorer. I know. For many folks, I might as well be speaking German.

Simply put, Active X is a software framework that helps your browser do more stuff. It gives it more functionality. But it’s also an unlocked door that’s inviting in some bad actors. So you need to disable it. Here’s how according to

  1. Open Internet Explorer.
  2. From the Tools button menu, choose Manage Add-Ons. The Manage Add-Ons dialog box comes into view.
  3. From the Show drop-down menu, ensure that All Add-Ons is chosen. And now, the bad news: The add-ons in the window aren’t sorted or even identified as individual ActiveX controls. Believe me: ActiveX controls are listed, but you have to find them individually. That takes time unless you know the developer or specific name of the ActiveX control.
  4. Click an add-on in a list. You see whether the add-on is an ActiveX control by looking at the detailed information in the bottom of the window. If the add-on type is an ActiveX Control, you’ve found one.
  5. Disable the ActiveX control by clicking the Disable button.
  6. Repeat Steps 4 and 5 for every ActiveX control in the Manage Add-Ons window. Of course, you don’t have to disable all the controls; if you see some that you use frequently, such as Adobe Shockwave Flash player, keep it enabled. (Then again, Flash has its issues on certain web pages.)
  7. Click the Close button to dismiss the Manage Add-Ons window when you’re done.

Don’t turn this exercise into a witch hunt. You’ll find good ActiveX controls as well as evil ActiveX controls. In fact, if the entire issue bugs you, just use Firefox rather than Internet Explorer.

Microsoft also says you need to make sure your antivirus software is up to date. Of course, Microsoft recommends its products, Microsoft Defender Antivirus and Microsoft Defender for Endpoint.

Consumer Reports has tested antivirus software and has recommendations. Click here for that.

As for protections from Microsoft, it says it’s working on it. Until then, it’s up to us.