April 17, 2015
Microsoft Internet Explorer Vulnerability Update
Filed under "Alert"
More articles »
Tuesday, April 29, 2014
Microsoft’s vulnerability affects all versions of Internet Explorer, beginning with IE6. Unlike many vulnerabilities, this particular one requires users to click on an embedded link in a phishing email or browse to a hacked or malicious website to have their system compromised. At this time, a very limited number of attacks against this vulnerability have been seen. This means the risk of encountering a compromised website is still fairly low.
Until Microsoft issues an update to IE, it is offering a number of workarounds. These workarounds require varying degrees of technical effort and can be found at: https://technet.microsoft.com/library/security/2963983.
Please have your IT professional review these workarounds as each carries its own risks.
All users are encouraged to update Internet Explorer once the patch becomes available from Microsoft. Adobe Flash Player is also a vulnerability, so please discuss installing the latest update from Adobe Flash Player with your IT professional, as well. Please note, that Microsoft is no longer supporting or issuing updates for Windows XP, so if you are currently running that operating system, it is recommended by technology experts that you contact your IT professional to assist you in updating your system to a more current version of Windows.
If active attacks against this vulnerability increase significantly prior to Microsoft's release of an IE update, a more aggressive approach to reduce the risk may be necessary. However, at this time, vendors and technology experts believe a conservative approach is appropriate.