Microsoft issues warning of attacks on IE, first flaw since XP support ended


Microsoft is warning people that use Internet Explorer (IE) about attacks that are exploiting a previously unknown security flaw.

The flaw affects IE6 through IE11, and on all Microsoft operating systems.

The vulnerability allows malicious software to be installed simply by visiting a hacked or malicious website.

Screenshot of
Microsoft offering $100 to drop Windows XP

The company said it is aware of “limited, targeted attacks” against the vulnerability (CVE-2014-1776), and credits security firm FireEye with discovering the attack.

Microsoft has not issued a patch for this flaw at the time of this post.

The company is asking IE users to download and install its Enhanced Mitigation Experience Toolkit (EMET), a free tool that can help strengthen security on Windows. EMET must be version 4.1 or higher to prevent an attack using this flaw.

You can also use a third-party browser such as Google’s Chrome or Mozilla’s FireFox.

This is the first major vulnerability since Microsoft stopped support of Windows XP on April 8. This means that the fix may not be made for users still on the unsupported operating system.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s