Date published: 5/1/2014

Security flaw discovered in Internet Explorer

We have learned of a vulnerability which makes it possible for hackers to take control of a user’s computer after it has been infected with malicious code. This vulnerability affects all versions of Windows released since 2001.  A permanent fix is expected by May 13.

Please note that if you must use IE (for specific applications, for example) the attack will not work without Adobe Flash.  The recommended solution for this is to upgrade to the most current version of Adobe Flash

NOTE:  As of May 1, Microsoft has released an update for Internet Explorer to fully resolve this issue.  Users may run this update at any time from Start -> Programs -> Windows Update. 

Please log a help desk request if you'd like more information or assistance with this.

Other references

  1. http://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being
  2. http://www.cnet.com/news/stop-using-ie-until-bug-is-fixed-says-us
  3. http://www.latimes.com/business/technology/la-fi-tn-microsoft-internet-explorer-bug-windows-xp-20140428,0,6544915.story
Categories: 
Information Technology