On Tuesday, Microsoft issued a critical advisory about a zero-day vulnerability that affects all versions of Windows.

If Microsoft calls a vulnerability “critical” and releases a patch outside of its normal Patch Tuesday monthly schedule, you should take note.

Microsoft warns that vulnerable computers can be exploited just by visiting a maliciously crafted webpage using Internet Explorer, with no further user interaction required.

Microsoft's new web browser, Microsoft Edge, which ships with Windows 10, is not at risk. The same cannot be said for all other versions of Internet Explorer, including version 11.

Microsoft’s advisory states:

“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker’s website, or by getting them to open an attachment sent through email.”

Once a computer has been compromised, the attacker would have the same rights on the computer as the currently logged-in account.

“If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system,” the bulletin says. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

The advisory also states that the vulnerability has already been exploited, which means it could be spreading quickly.

What Should You Do

If your company is a Managed Services client of The Miller Group, then your machines are up to date as long as they are turned on.

You can check to see if your computer is up to date by running Windows Update.

This is not the first, nor will it be the last, zero-day vulnerability.  It is possible for you to get infected before an update is released if you just rely on patches.

The Miller Group suggests a multi-layered approach that includes the following:

Web Protection

  • Filter out unwanted URLs and block sites pushing malware.

Managed Antivirus

  • Real-time protection against viruses

Patch Management

  • Automatically detect, download & deploy missing patches.
  • Install patches for Microsoft® & key third-party applications.

 

Contact The Miller Group for more information about any of our services.

 
