Last Thursday we reported that Microsoft pushed out its latest patch with 26 vulnerabilities, including a new Internet Explorer “Zero-Day” vulnerability that Microsoft announced during that patch release. Microsoft has designated Tuesday’s as patch-day and one Tuesday per month for major patches and updates to fix software misgivings.
Since last Tuesday we have learned that the security flaw in Internet Explorer (IE) is an attack from a nation-state. The nation-state was not named. Although the patch included a fix to address the vulnerability in Internet Explorer, the flaw triggering the warning message was not addressed and therefore can still notify you that you may be at risk.
The vulnerability could allow remote code to executed if a user views a specially crafted webpage using Internet Explorer. Cybercriminals will typically use phishing e-mails or instant messages containing links to the infected locations.
Until Microsoft releases the patch to address this issue, the company is offering a temporary solution that can be downloaded directly from Microsoft.
If you would like, we provide a Free Technical Assessment, this can be beneficial to new and startup companies that are not sure where to start. You can always find our cloud and hosted services in the right column of this page or by simply going to our website at Raven Cloud Computing