New Critical Vulnerabilities for Internet Explorer & Flash

Microsoft has revealed that a fresh vulnerability has been discovered for all versions of Internet Explorer.  Specifically, there is a way for malicious code to run on your computer if you use Internet Explorer (Versions 6 thru 10) and visit some bad web content.  Microsoft is actively working on a security patch which should be available in a few days.  In the interim, refrain from using Internet Explorer when browsing to unknown or unfamiliar websites.  The US Department of Homeland Security is also recommending that a different browser be used until a security patch is delivered.

While these vulnerabilities are not new, this part is: Windows XP WILL NOT have a fix for this.  If you are still running Windows XP, your computer will be vulnerable to the end of time and there is no way to properly secure yourself.  Microsoft will not be providing any further support for Windows XP, so if you are still running it, today should be a sign that you should upgrade as soon as possible.

More information:
https://technet.microsoft.com/en-us/library/security/2963983.aspx
http://gizmodo.com/new-vulnerability-found-in-every-single-version-of-inte-1568383903
http://mashable.com/2014/04/27/microsoft-web-browser-security-bug-could-impact-millions-of-users

But wait, there’s more!  Unfortunately we are hit with a double-whammy today.  Adobe just came out with a critical patch for yet another zero-day vulnerability completely unrelated to the above IE exploit.  Thankfully, Adobe has a software patch available to address this issue.  Computers that have Flash (and whose doesn’t) need for it to be updated immediately.  You can check your current version of Flash – and update it as well – at the following site: http://helpx.adobe.com/flash-player.html

More info regarding the Adobe exploit:
http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
http://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacks

Leave a Reply

Your email address will not be published. Required fields are marked *