SUBTITLE: Remote Code Execution | CVE-2014-1776
ACTIONS: Install Microsoft Security Update
A very severe vulnerability has been recently discovered in all versions of Internet Explorer for all versions of Microsoft Windows. This vulnerability would allow an attacker to execute remote code if a user visits a malicious website. This vulnerability is being actively exploited in the wild, which means that there are confirmed cases of attackers targeting websites right now.
As of the time of this message, Microsoft has not released any security update to remediate this issue. As soon as an update is released, the Mytech Network Operations Center (NOC) will determine an appropriate deployment strategy for our Managed Services customers. Please note that Microsoft has stated that Windows XP will no longer be supported with security updates - so Mytech does not anticipate any official fix for an XP machine.
There are some steps that we can take to minimize the risks to your network, even without an official update. The most important step that our users can take to protect themselves is to limit their web browsing to the normal sites required while conducting their business. Because this particular exploit is taking advantage of Internet Explorer browsers using Flash, using an alternative browser like Chrome or Firefox to surf the web or disabling Flash for Internet Explorer will also reduce the chance of a successful attack. Similarly, this attack will be ineffective against users that are not local administrators on their computers.
In some cases, our customers may not be able to implement any of the steps outlined here to reduce risks. Mytech does have some additional advanced mitigation techniques that can be performed on a case by case basis.
When we have more information on an official fix for this vulnerability, we will contact our customers with a plan to get the update installed.
For more information on this vulnerability, please see Microsoft's Security Advisory 2963983