Adobe said that it had pushed out an update for Flash that should put a stop to a series of attacks being carried out against users of Microsoft’s Internet Explorer Web browser.
Microsoft issued a related advisory on the issue concerning several versions of Windows and IE. The vulnerability takes advantage of a bug related to Flash as part of the way it attacks users systems.
The update comes on the same day that the U.S. government took the unusual step of suggesting that IE users consider switching to another browser.
That at least was one bit of official advice from US-CERT, the United States Computer Emergency Readiness Team, in response to the disclosure over the weekend of a significant zero-day vulnerability that affects IE versions 6 through 11, or more than half of the Web browsers in use around the world.
The organization, a branch of the U.S. Department of Homeland Security, said it was aware of “active exploitation” of the vulnerability, meaning attacks against unwitting users, which could “lead to the complete compromise of an affected system.” US-CERT went on in a more detailed bulletin to repeat what the security company FireEye reported over the weekend, that the attack involves enticing users to click through to specially created Web pages that exploit the vulnerability. So as always, be mindful of what links you click.
If you’re using IE as your browser of choice, be sure to download the updates and follow Microsoft’s advice.
