MENU

Pagoda Blog

Important: Homeland Security Says Stay Off IE

April 29, 2014

http://www.pcworld.com/article/2148921/dhs-warns-against-using-internet-explorer-until-bug-is-patched.html?inf_contact_key=918995e2ab5ea4c6edf72a9fc78f6ed2822ba3b0d6970c0167d7bf9ff604e163

A vulnerability discovered in Internet Explorer over the weekend is serious—serious enough that the Department of Homeland Security is advising users to stop using it until it’s been patched.

On Monday, the United States Computer Emergency Readiness Team (US-CERT), part of the U.S. Department of Homeland Security, weighed in. 

“US-CERT is aware of active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer,” it said in a bulletin. “This vulnerability affects IE versions 6 through 11 and could lead to the complete compromise of an affected system.

“US-CERT recommends that users and administrators enable Microsoft EMET where possible and consider employing an alternative web browser until an official update is available.” Enhanced Mitigation Experience Toolkit (EMET) is a Microsoft utility that helps prevent vulnerabilities in software from being successfully exploited, and can be downloaded here. It supports every Microsoft operating system from Windows 7 on up.

Microsoft has yet to decide whether it will issue an emergency patch in the coming days or wait for patch Tuesday on May 13 to repair supported versions of IE. 

The new remote code execution vulnerability, dubbed CVE-2014-1776, has the potential to give hackers the same user rights as the current user. That means a successful attacker who infects a PC running as administrator would have a wide variety of attack open to them such as installing more malware on the system, creating new user accounts, and changing or deleting data stored on the target PC.

Windows XP is especially vulnerable, given that Microsoft discontinued support for the OS earlier this month.

Additional reporting by Ian Paul.

 



Return to Pagoda Blog Main Page


As your trusted IT service partner, Pagoda Technologies is here to help you achieve your near and long-term business goals through reliable and affordable IT support. 

Pagoda Technologies

101 Cooper Street

Santa Cruz, CA 95060

831-419-8000

Contact us for a free IT consultation

 

 

Get in touch 

Join our newsletter

Want IT to serve you better? 

 

 

Subscribe 

Follow Us

Facebook LinkedIn LinkedIn