FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks. The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11. This zero-day bypasses both ASLR and DEP. Microsoft has assigned CVE-2014-1776 to the vulnerability and released security advisory to track this issue.
Threat actors are actively using this exploit in an ongoing campaign which we have named “Operation Clandestine Fox.” However, for many reasons, we will not provide campaign details. But we believe this is a significant zero day as the vulnerable versions represent about a quarter of the total browser market. We recommend applying a patch once available.
Full Article
Petr, thanks for the info!
Recently I started using IE11 (again), but somehow GC still suits me the most.
Mike
Recently I started using IE11 (again), but somehow GC still suits me the most.
Mike
Is there anything we can do about this other than switch browsers?
For the moment, switch browsers.
If you are using Windows XP or earlier, this will not be fixed for your computer. Microsoft has no current plans to repair the problem for XP.
If you are using Windows Vista, 7 or 8, make sure you watch for a security patch to be released in the coming days/weeks and apply it as soon as it becomes available.
If you are using Windows XP or earlier, this will not be fixed for your computer. Microsoft has no current plans to repair the problem for XP.
If you are using Windows Vista, 7 or 8, make sure you watch for a security patch to be released in the coming days/weeks and apply it as soon as it becomes available.
Issues like this is why I recommend to our customers to have a number of browsers installed. Having one is not enough (not to mention if your only browser gets damaged that it wont open it can be more than annoying)
That's why I always have Chrome and FireFox on my board ;)@ wrote:
Issues like this is why I recommend to our customers to have a number of browsers installed. Having one is not enough (not to mention if your only browser gets damaged that it wont open it can be more than annoying)
Hallelujia we have been saved!
Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: April 28, 2014
http://support.microsoft.com/kb/2961887/en-us
Why do I not have a warm fuzzy feeling about this? Maybe because it feels like that's all we're / I'm doing these day. Instead of Patch Tuesday maybe it should be patch every two minutes?
Microsoft Security Advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: April 28, 2014
http://support.microsoft.com/kb/2961887/en-us
Why do I not have a warm fuzzy feeling about this? Maybe because it feels like that's all we're / I'm doing these day. Instead of Patch Tuesday maybe it should be patch every two minutes?
I don't see anything on here about Windows 7, only Windows 8. Which everyone hates, from what I understand.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.