Secure IT Alert: Patch your Microsoft Internet Explorer – Now….

This alert comes courtesy of the US-CERT National Cyber Awareness System and we highly recommend you apply the patches provided by Microsoft to protect your Internet Explorer browser immediately. Hackers are currently using the browser vulnerability to exploit systems.

In addition to patching your systems, we recommend a bit of common sense, such as not visiting links which are sent to you in email that look suspicious. If it looks strange, it probably is.

National Cyber Awareness System
US-CERT Alert TA12-265A
Microsoft Releases Patch for Internet Explorer Exploit

Original release date: September 21, 2012 Last revised: —

Systems Affected 

* Microsoft Internet Explorer 6
* Microsoft Internet Explorer 7
* Microsoft Internet Explorer 8
* Microsoft Internet Explorer 9

Overview

Microsoft has released Security Bulletin MS12-063 to address the  use-after-free vulnerability that has been actively exploited this  past week.

Description

Microsoft Internet Explorer versions 6, 7, 8, and 9 are susceptible  to a use-after-free vulnerability. This vulnerability is being  actively exploited in the wild. Microsoft has released Security Bulletin MS12-063 to patch this vulnerability and four others.

This vulnerability was previously mentioned in US-CERT Alert  TA12-262A. Additional information is available in US-CERT  Vulnerability Note VU#480095.

Impact

A remote, unauthenticated attacker could execute arbitrary code,  cause a denial of service, or gain unauthorized access to your files or system.

Solution

US-CERT recommends that Internet Explorer users run Windows Update  as soon as possible to apply the MS12-063 patch.

References

* Microsoft Security Bulletin MS12-063
<http://technet.microsoft.com/en-us/security/Bulletin/MS12-063>

* US-CERT Alert: Microsoft Security Advisory for Internet Explorer Exploit
<http://www.us-cert.gov/cas/techalerts/TA12-262A.html>

* Microsoft Windows Update
<http://go.microsoft.com/fwlink/?LinkID=40747>

* US-CERT Vulnerability Note VU#480095
<http://www.kb.cert.org/vuls/id/480095>

 

Revision History

September 21, 2012: Initial release

As always, if you require assistance applying these security patches or have questions about your Greenville / Upstate, SC business computer and network security, please call us at 864.990.4748 or use the contact link in the menu above.

Leave a Reply

Your email address will not be published. Required fields are marked *