What is the Vulnerability?

Microsoft recently released a security advisory alerting its users of an unpatched code-execution vulnerability in Internet Explorer. The vulnerability is listed as high in severity for Internet Explorer version 11 and moderate in severity for Internet Explorer versions 9 and 10.

Microsoft stated that “an attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights,”

Managing the Vulnerability.

“Microsoft is aware of this vulnerability and working on a fix,” Microsoft stated at the end of their advisory. “Our standard policy is to release security updates on Update Tuesday, the second Tuesday of each month.

For those that require a quick fix, Microsoft detailed a workaround that leverages administrative commands to restrict access to the vulnerable scripting library. However, the workaround may result in reduced functionality for components or features that rely on the vulnerable scripting file.

What Should You Do?

You should stop using Internet Explorer and instead switch to a more reliable and secure browser; however, this may not be easy for everyone as some existing web-based software still requires outdated version of Internet Explorer.

Microsoft has even recently launched its own Chromium-based Edge browser to provide better compatibility to its customers.

As always, if you’re not sure how to deal with this issue, or any other tech issue, call HBBTech at (636) 542-8653 and let us help you decide the best course of action for your business.