Microsoft is alerting users of its Internet Explorer (IE) that almost all versions of the web browser are vulnerable to a malicious attack.
The software giant says only IE 10 – the latest version – is safe from the vulnerability and that the millions using earlier versions have been advised to proceed with caution.
Microsoft has warned that the flaw is exploitable through remote code execution, possibly brought by a malware-infested website, and is advising users to install the free Enhanced Mitigation Experience Toolkit (EMET) as a safeguard.
“Deploying EMET will help to prevent a malicious website from successfully exploiting the issue described in Security Advisory 2757760. EMET in action is unobtrusive and should not affect customers’ Web browsing experience. We are monitoring the threat landscape very closely,” it said.
“We encourage internet users to follow the ‘Protect Your Computer’ guidance of enabling a firewall, applying all software updates and installing antivirus and antispyware software. We also encourage folks to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders.”
Microsoft promised to put together hastily a more schematic fix.
Source: Microsoft Technet
Image: Hash Milhan,via Flickr (CC)