As a follow up to our earlier post, Microsoft Internet Explorer Security Bug Could Impact Millions of Users, we wanted to share what we’ve found out so far with respect to a fix for the latest IE flaw.
As of April 28, 2014, Microsoft has not provided a timeframe for a solution, and no workaround is available as of this time. Until a permanent solution is provided, we recommend that clients switch to other web browsers such as Google Chrome or Mozilla Firefox. If that option is not feasible, the following mitigations can reduce Internet Explorer’s attack surface:
Microsoft has the following Suggested Actions to mitigate your exposure.
Come back often or follow our tweets and we’ll keep you up to date on what’s happening with the fix.
Adobe Systems Inc. has shipped an emergency security update to fix a critical flaw in its Flash Player software that is currently being exploited in active attacks. The exploits so far appears to target Microsoft Windows users, but updates also are available for Mac andLinux versions of Flash.
The Flash update brings the media player to v. 184.108.40.206 on Windows and Mac systems, and v. 220.127.116.116 for Linux users. To see which version of Flash you have installed, check this link.
IE10/IE11 and Chrome should auto-update their versions of Flash. If your version of Flash on Chrome (on either Windows, Mac or Linux) is not yet updated, you may just need to close and restart the browser.