New Internet Explorer vulnerability being actively exploited

Another new exploit has been discovered by security researchers, this one affecting Internet Explorer. The exploit uses two as-yet unpatched vulnerabilities in IE 7 through 10.

This is not to be confused with the recently-announced exploit affecting Microsoft Office.

Recommendations:

  • Avoid using Internet Explorer. If that’s not practicable, exercise extreme caution when browsing the web.
  • Install and use Microsoft’s Enhanced Mitigation Experience Toolkit (EMET)

Ars Technica has more details.

Update 2013Nov12: a patch for this vulnerability will be included with this month’s Patch Tuesday updates, later today.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

One thought on “New Internet Explorer vulnerability being actively exploited”

Leave a Reply

Your email address will not be published. Required fields are marked *