Microsoft releases Fix it for critical IE8 0-day
Posted on 09 May 2013.
Microsoft has released a one-click Fix it for mitigating the effect of the IE 8 zero-day vulnerability that is being used in watering hole attacks in the wild.

Given that a Metaspolit module exploiting the vulnerability has already been released, it's just a matter of time until the exploit is integrated in a malicious exploit kit.

IE 8 users are advised to upgrade to IE 9 or 10, but those who are unable to do it for whatever reason would do well to download and install the Fix it. Applying it does not require a reboot.

Users who don't know which version of the browser are using can check by opening Internet Explorer, pressing ALT+H, and then click "About Internet Explorer".

Microsoft is working on a patch for the flaw, but is still unknown whether it will be included in this month's Patch Tuesday.









Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Nov 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //