A new zero-day attack is targeting Internet Explorer users, prompting
a warning from Microsoft. The zero-day threat is targeting a flaw
in all versions of the browser, including Internet Explorer 6 / Windows
XP, and could allow remote code execution. An attacker could host a
specially crafted website that is designed to exploit this vulnerability
through Internet Explorer and then convince a user to view the
website. You can read more about it here.Is a fix coming?
Due to the end of support for Windows XP and Windows Server 2003, which include Internet Explorer 6, there will not be a security fix for Internet Explorer 6 to patch this vulnerability. If you are running XP and/or Server 2003, we recommend that you upgrade as soon as possible to Windows 7/8.1 and Server 2012. This is only the first of multiple vulnerabilities and "hacker's paradise" type scenarios that experts are predict will endanger XP users' security.If you are running a later version of Windows and use Internet Explorer versions 7 through 11, you can expect that a fix will eventually patch this vulnerability. There are circumstances that mitigate this vulnerability and Microsoft has also listed some Suggested Action and workarounds for the meantime.
What should you do?
We strongly encourage you to not use Internet Explorer until this vulnerability is fixed; use a different web browser such as Firefox or Chrome. This hack is dependent on Adobe Flash as well, so disable Adobe Flash on your machines.If you would like assistance in upgrading systems with XP or Server 2003, please contact Emerge for help at 859-746-1030.
No comments:
Post a Comment