Microsoft Offers Workaround — Not a Fix (Yet) — for IE Security Flaw

Internet Explorer

Microsoft has yet to patch its latest critical Internet Explorer zero-day security flaw, but an advisory about the bug now offers two temporary solutions. Updated on Monday, Microsoft Security Advisory 2963983 offers new information about the new zero-day vulnerability that affects all versions of Internet Explorer. The flaw could allow remote code execution and has already been used in “limited, targeted attacks,” Microsoft revealed, though those attacks have so far affected only IE versions 9, 10, and 11. And the potential reach of the bug could be widespread. Estimates of IE usage range from about 22 percent of people browsing the Web (StatCounter) to more than half of the desktop browser market (NetMarketShare). The vulnerability is so severe that even US and UK security agencies have advised people to stop using IE for now.

Read the full story at CNET.

Author: