Severity: High Summary: This vulnerability affects: All versions of Internet Explorer (IE) How an attacker exploits it: By enticing a user to visit web site containing malicious content Impact: An attacker can execute code with your privileges, potentially gaining complete control of your computer What to do: Install Microsoft's emergency IE patch immediately, or let … [Read more...]
Advanced Attackers Exploit IE & Flash 0days in the Wild
Over the weekend, Microsoft released a critical security advisory warning customers of a serious new zero day vulnerability in Internet Explorer (IE), which attackers are exploiting in the wild. Around the same time, Kaspersky also noted an attack campaign leveraging a new Adobe Flash zero day flaw, which Adobe patched today. I'll discuss both issues below, starting with the IE … [Read more...]
Out-of-Cycle Word FixIt Corrects Zero Day Vulnerability
If you're worried about spear phishing attacks (and if you're not, you should be), grab Microsoft's emergency FixIt to mitigate a zero day vulnerability attackers are exploiting in the wild. In a security advisory released yesterday, Microsoft warned of a zero day vulnerability in Word, which attackers are exploiting in what Microsoft describes as limited, targeted attacks. … [Read more...]
Grab Adobe and Microsoft's Emergency Flash and IE Fixes
Let's start with the short version. Yesterday, both Microsoft and Adobe released out-of-cycle updates to fix zero day security vulnerabilities that advanced attackers are exploiting in the wild via "watering hole" campaigns. If you use these products and haven't installed the updates, go get the Flash and Internet Explorer (IE) fixes now! The slightly longer story is early … [Read more...]
Microsoft Black Tuesday: Updates Correct One of Two Zero day
Today's the second Tuesday of the month, which means it's Microsoft (and Adobe) Patch Day. One of Microsoft updates fixes a zero day vulnerability, so we recommend you install at least that one as quickly as possible. According to their summary post for November 2013, Microsoft released eight security bulletins today, fixing 18 security flaws in products like Internet Explorer … [Read more...]
