Microsoft Internet Explorer Vulnerability – April 28, 2014

Updated May 2, 2014:
Microsoft has released out-of-band updates to address this critical vulnerability in Internet Explorer. This update includes all Internet Explorer versions 6 through 11. It is recommended that all Microsoft Windows users download and install this update immediately.

It is recommended that system administrators and users review the Microsoft Security Bulletin and apply the necessary updates as soon as possible.

Microsoft Security Bulletin MS14-021

 

A new vulnerability has been discovered in Microsoft Internet Explorer that may allow unauthenticated attackers to remotely control a vulnerable system. The remote attack works by exploiting a known flaw in Adobe Flash objects when viewed in Internet Explorer versions 6 through 11.

At this time there is no known fix to the issue and users are advised to avoid using Internet Explorer until a fix has been released. System administrators may also deploy the Microsoft Enhanced Mitigation Experience Toolkit (EMET) to prevent exploitation of this vulnerability.

More information about the vulnerability and some work arounds can be found below: