Severity: High Summary: This vulnerability affects: All versions of Internet Explorer (IE) How an attacker exploits it: By enticing a user to visit web site containing malicious content Impact: An attacker can execute code with your privileges, potentially gaining complete control of your computer What to do: Install Microsoft's emergency IE patch immediately, or let … [Read more...]
Advanced Attackers Exploit IE & Flash 0days in the Wild
Over the weekend, Microsoft released a critical security advisory warning customers of a serious new zero day vulnerability in Internet Explorer (IE), which attackers are exploiting in the wild. Around the same time, Kaspersky also noted an attack campaign leveraging a new Adobe Flash zero day flaw, which Adobe patched today. I'll discuss both issues below, starting with the IE … [Read more...]
Two Critical IE Bulletins Fix Zero Day Vulnerability and More
Severity: High Summary: These vulnerabilities affect: Internet Explorer (IE) versions 6 - 10 How an attacker exploits them: Typically, by enticing one of your users to visit a web page with malicious content Impact: In the worst case, an attacker can execute code on your user's computer, often gaining complete control of it What to do: Install Microsoft's IE updates … [Read more...]
Microsoft Black Tuesday: Fix for IE8 Zero Day and More
Calling all Microsoft administrators. It's time to spin up your virtual test machines and download, test, and deploy May's batch of Microsoft security updates. This month's theme is IE updates; with a focus on a recent IE zero day vulnerability, as well as a continuation of the "use after free" vulnerability theme I commented on last month. According to their summary post, … [Read more...]