Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Risks & mitigation of using IE8 on a server that runs an app that requires IE8

Posted on 2016-10-19
14
Medium Priority
?
152 Views
Last Modified: 2016-10-24
We have an app from EMC (the storage vendor) that requires us to use IE8 :
log a case & was told IE10-11 not supported as screen gets garbled.

As this server is internal (ie not accessible via Internet & not in DMZ),
what's the risks?  I suppose an internally infected PC/server can still
exploit & get into this server/app that runs IE8 (as console to the app).

How can we mitigate as IE8 doesn't have patches anymore?  Use endpoint
IPS as substitute for various vulnerabilities but I'm afraid many IPS vendor
has ceased releasing signatures/filters for IE8.

Havent explore with Chrome/Firefox yet if it works with the apps but was
told by colleague that they're unlikely to be supported.

IE8 is to be run/installed on the server hosting the app, not on laptops/PCs

I'll convey the name of the EMC app later
0
Comment
Question by:sunhux
  • 5
  • 3
  • 3
  • +2
14 Comments
 
LVL 58

Expert Comment

by:McKnife
ID: 41850057
Hi.

You cannot install IE8 on modern OS' - technically impossible. The last OS where you could would be server 2008. So you need to try a different browser. Chrome for example offers support for oldschool things in form of an app that simulates legacy browser behavior.
1
 
LVL 88

Assisted Solution

by:rindi
rindi earned 480 total points
ID: 41850155
Have you tried using compatibility View in IE11? That will often allow you to view old stuff. Also check if there is an upgrade for the EMC app that runs on current browsers.
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 400 total points
ID: 41850307
You also can't run two versions of IE on the same computer.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:sunhux
ID: 41850504
The name of the EMC app is OCAOIS  & it's not an option to upgrade this app.


Can elaborate how we can go about doing the following:

>Chrome for example offers support for oldschool things in form of an app that
> simulates legacy browser behavior : how can I configure it or need a plug-in ?

>compatibility View in IE11?
How to enable  compatibility View in IE11 ?
0
 
LVL 58

Assisted Solution

by:McKnife
McKnife earned 800 total points
ID: 41850516
0
 
LVL 88

Assisted Solution

by:rindi
rindi earned 480 total points
ID: 41850539
In IE select tools, Compatibility view settings, then add the url.
0
 
LVL 81

Assisted Solution

by:arnold
arnold earned 320 total points
ID: 41851536
Seems like using a VM with Windows 7, Xp, server 2008 is one way to maintain access while using parental control to limit the access to the EMC OCAOIS portal interface a the sole destination to avoid ......user attempts to use the VM to access anything else.
0
 

Author Comment

by:sunhux
ID: 41852477
Our apps support team has tested out both IE11's Tools==> Compatibility View
settings as well as Chrome's oldschool support : did not help.

Was told this product OCAOIS is to capture clients' signature & sort of secure it:
The browser on the server is meant to access Management console of this
product.

Was further informed by our apps team that this current version 6 is the one
giving issue: previously while they're on version 3 running on Win2003, IE8
was working fine.

After upgrading the OS to Win2008 R2 followed by upgrading this app to
ver 6, found IE11 gives issues :display garbled & when clicking on certain
links, error pops up.

EMC (possibly this is an RSA related product;  RSA is owned by EMC) has
come up with ver 7 but we need to pay for licence upgrade: it's not
certain if ver 7 will support IE11
0
 
LVL 58

Accepted Solution

by:
McKnife earned 800 total points
ID: 41852491
Ok, 2008r2. You can uninstall ie11 and it should roll back to the previous browser, which should be ie8 on 08R2.
0
 
LVL 81

Expert Comment

by:arnold
ID: 41852777
depending on installed updates, ie9, ie10 might have been installed as well.

look at xpmode, or similar vm .....
0
 
LVL 58

Expert Comment

by:McKnife
ID: 41852803
If I am not mistaken, even then will it let you rollback through the versions back to the one that shipped with 2008R2: IE8.
0
 
LVL 81

Expert Comment

by:arnold
ID: 41853036
rollbacks at times work, the issue besides the version, there have been updates along the way in addition to the deployment of versions.......

Without trying, ..it is filled with peril.
0
 

Author Comment

by:sunhux
ID: 41853272
So create a VM that run IE8 in it to make it more secure?
0
 
LVL 58

Expert Comment

by:McKnife
ID: 41853306
Always possible, why not.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question