Latest Zero Day Microsoft Exploit Affects Virtually All Versions of IE, No Fix For XP

Microsoft is scrambling to fix a security flaw in its Internet Explorer (IE) browser that could allow a hacker to remotely execute malicious code if users visit an infected website. Unfortunately, the security bug is present on just about every version of IE, and if you're a Windows XP user, be advised that no security fix is coming your way now that you're using an unsupported operating system.

There have already been what Microsoft claims are "limited, targeted attacks." What's most often the case is that hackers taking advantage of the exploit for nefarious purposes will try to convince a user to click on a link in an email or instant message directing them to the malicious website.

Microsoft Training

"Our initial investigation has revealed that Enhanced Protected Mode, on by default for the modern browsing experience in Internet Explorer 10 and Internet Explorer 11, as well as Enhanced Mitigation Experience Toolkit (EMET) 4.1 and EMET 5.0 Technical Preview, will help protect against this potential risk," Microsoft stated in a blog post. "We also encourage you to follow the 'Protect Your Computer' guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software."

You should also avoid clicking on suspicious links or opening email messages from senders you're not familiar with, as well as exercise caution when visiting websites, Microsoft says. Those of you sticking with XP no matter what, security researchers recommend using an alternative browser, such as Chrome, Firefox, or Opera.

Via:  Microsoft
blog comments powered by Disqus