Internet Explorer zero-day leaves users vulnerable

Whatever IT pros had on their to-do lists this week, something that just came up is probably going to trump it. It has to do with the popular browser Internet Explorer.

A zero-day vulnerability has been discovered in every version of Microsoft’s Internet Explorer.

Needless to say, those at risk will likely include a large percentage of your users.

The vulnerability

What we know so far is this: Microsoft announced that Internet Explorer has a user-after-free error.  Essentially, users would be at risk if they visited a malicious website.

Microsoft says it’s already aware of instances of attacks being launched using this bug.

A fix is apparently in the works and will be released as soon as it’s available regardless of the regular patch schedule.

What to do

The safest bet may be to make sure users stay off Internet Explorer until the fix is available. Remember, it affects every version, so no IE users will be completely safe until the patch is completed,  even if they’re updating from an older version to a more recent one.

And remind users to be on the lookout for phishing attacks. For the attack to be successful, users must first visit an infected website. That’s going to happen by emailed links or social engineering attacks most likely. Now more than ever, they should make sure to not click on any links that weren’t requested or expected to come in.

Of course, once the patches come, update immediately. Since Microsoft isn’t waiting for its next Patch Tuesday to update, you know it’s a fairly serious and urgent issue.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy