Many of our clients use the internet browser Internet Explorer (IE) on their office or home computers to do their day-to-day business. Microsoft, the creators of IE, recently released a Security Advisory regarding an issue that impacts IE versions 6-11.

From Microsoft:

"This issue allows remote code execution if users visit a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message."

As with many attacks, hackers can use methods such as convincing users to click on fake websites and from there, the IE vulnerability could allow attackers to run malicious software on the user's computer – and even gain access to the computer as the real user.

It's a serious flaw, and a widespread one: Internet Explorer comprised almost 58% of all desktop browsers in March, according to analytics company Net Applications.

While Microsoft is still investigating the issue and working on a solution, they have advised that users:

"Follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. Additionally, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders. Additional information can be found at www.microsoft.com/protect."

We suggest also, that if at all possible, you simply use another browser such as Google Chrome, Firefox, or Safari.


Sources

Department of Homeland Security - US-CERT (United States Computer Emergency Readiness Team)
Microsoft Security Advisory 2963983
Microsoft Security Response Center
NetMarketShare.com
NBC News