Microsoft was alerted to a significant vulnerability in Internet Explorer, their web browser, by security company FireEye. Microsoft has acknowledged this issue.
Here is what we know:
- All versions of Internet Explorer from IE6 to IE11 are affected
- As of April 28th, 2014 there is no Patch available and there will not be a patch available for Windows XP.
- The vulnerability leverages Adobe Flash in order to attack the flaw in Internet Explorer.
What You Can Do:
- Do not use Internet Explorer on any machines that you currently have. Use Firefox or Chrome. If you must use Internet Explorer, limit it to websites that require it and only browse to those websites directly.
- Remove Adobe Flash if you are using an older version of Internet Explorer (IE9 or older). IE10 and IE11 include Adobe Flash built in so it cannot be removed
- Managed customers will automatically get the patch once it is made available. There won’t be a patch for Windows XP. If you cannot upgrade Windows XP, then do not do any web browsing on those computers, especially with Internet Explorer
- Do not click on links that you receive in email. Go directly to the website that you wish to visit.
