Newly Released Security Advisory Provides Workaround for Unpatched IE8, IE9 Vulnerabilities

Newly Released Security Advisory Provides Workaround for Unpatched IE8, IE9 Vulnerabilities

UPDATE: Microsoft has now stated that there are known attacks in the wild for IE8 and IE9. They have also confirmed that this issue does, indeed, affect all versions of Internet Explorer. The Security Advisory has been updated to reflect the new information.

Today, Microsoft has released some information regarding a new vulnerability in Internet Explorer 8 and 9 that could allow remote execution. Actually, IE8 and IE9 was listed in the new security advisory, but Microsoft also suggests the issue could "potentially affect all supported versions" of Internet Explorer. Microsoft will know for sure once the issue is investigated.

Until a security update is available, Microsoft has provided a set of workarounds to ensure computers are not affected by the risk. The workarounds include:

  • A Microsoft FixIt solution that must be run manually on each PC.
  • Setting Internet Explorer's local intranet security zone setting to "High," so that ActiveX controls and Active Scripting is blocked.
  • Configuring the Internet and local intranet security zones so that Active Scripting either prompts before executing, or so that it is disabled altogether.

Read through the full Security Advisory: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2887505)

 

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish