Microsoft has been forced to push out a workaround solution for a flaw in Internet Explorer, which has been exploited in the wild.
Reports have indicated attacks saw Internet Explorer 8 and 9 users directed to a site serving up malicious content.
“There are only reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. This issue could allow remote code execution if an affected system browses to a website containing malicious content directed towards the specific browser type,” Microsoft said in an advisory.
“This would typically occur when an attacker compromises the security of trusted websites regularly frequented, or convinces someone to click on a link in an email or instant message.
“We also encourage customers to exercise caution when visiting websites and avoid clicking suspicious links or opening email messages from unfamiliar senders.”
Microsoft has recommended applying its Fix It solution, which can be found here.
It also suggested turning Internet and local intranet security zone settings to ‘High’ to block ActiveX Controls and Active Scripting. This will affect usability, said Microsoft, but will prevent the attackers’ exploit code from running.
Users could also activate prompts before running Active Scripting, or disable Active Scripting altogether.
Microsoft has had a troubled month in security. It had problems with a slew of fixes as updates were listed as still required even after installation. The company had to pull another buggy update entirely.
How much do you know about information security? Try our quiz and find out!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…