An announcement posted to Patch by the Connecticut Better Business Bureau News:
A vulnerability in Microsoft’s popular Internet Explorer web browser can allow a “remote, unauthorized attack” on users’ computers, the company announced over the weekend via a Service Advisory. Although it is working to fix the problem, the company suggests “workarounds.”
Better Business Bureau emphasizes that these sort of exploits are the main reason to keep software up-to-date and apply operating system patches and updates when they are released.
Meanwhile, the U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, is urging computer users to employ Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) if possible, or temporarily switch to a different browser until an official update is made available.
The “use-after-free” vulnerability can allow remote attackers to install code on a user’s computer without authorization. Versions 6 through 11 of Internet Explorer (IE) are vulnerable, and users who still have the Windows XP operating system are at greater risk because the company is no longer supporting the product.
Better Business Bureau is joining with security experts in recommending that IE users take the following steps:
Download the EMET on your computer for additional protection (although it may not mitigate this particular vulnerability);
Disable Adobe Flash, as the attack may not work without it.
Windows XP users should upgrade their operating system or disconnect the computer from the Internet, as the company no longer supports this version of Windows.
-By Howard Schwartz, Executive Communications Director, Connecticut Better Business Bureau
Do you like Connecticut Better Business Bureau posts? If you don't want to miss any of our helpful posts, you can subscribe to our blog by clicking this link and then click "Get email updates," and our posts will arrive in your email.