IEA new zero-day attack is targeting Internet Explorer users, prompting a warning from Microsoft. The zero-day threat is targeting a flaw in all versions of the browser, including Internet Explorer 6 / Windows XP, and could allow remote code execution. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. You can read more about it here.

Is a fix coming?

Due to the end of support for Windows XP and Windows Server 2003, which include Internet Explorer 6, there will not be a security fix for Internet Explorer 6 to patch this vulnerability. If you are running XP and/or Server 2003, we recommend that you upgrade as soon as possible to Windows 7/8.1 and Server 2012. This is only the first of multiple vulnerabilities and “hacker’s paradise” type scenarios that experts are predict will endanger XP users’ security. If you are running a later version of Windows and use Internet Explorer versions 7 through 11, you can expect that a fix will eventually patch this vulnerability. There are circumstances that mitigate this vulnerability and Microsoft has also listed some Suggested Action and workarounds for the meantime.

What should you do?

If you are an Always-On customer, All Mountain Technologies has already begun taking action to address this issue. On Monday morning we started evaluating the potential risk to users and have developed automated routines to implement the least impactful, but effective workaround as recommended by Microsoft. If your computer has been online in the past 48 hours, these workarounds should have already been implemented. If your computer has not been online in the past 48 hours, you should turn your computer on and leave it on to allow the workarounds to be applied. All Mountain Technologies will continue to monitor the situation and take any necessary action to ensure our Always-On customers and computers are protected. Once Microsoft publishes a permanent fix, our automated tools will revert the changes made to the workaround. If you would like assistance in upgrading systems with XP or Server 2003, please contact us for help at sales@allmtntech.com or 748-8880 opt 2.