Scope

Internet Explorer has 11.19% of internet browser market share, with most of it coming from business users.ย  The vulnerability impacts:

  • Internet Explorer 11 from Windows 7 to Windows 10
  • Windows Server 2012, 2016, and 2019
  • Internet Explorer 9 on Windows Server 2008
  • Internet Explorer 10 on Windows Server 2012

 

Vulnerability Technical Description

There is a flaw in the browserโ€™s scripting engine that allows for remote code execution and corrupts memory. Hereโ€™s Microsoftโ€™s release.

 

In Laymanโ€™s Terms

Bad actors can draw your users running IE9, IE10 or IE11 to a malicious website. This could happen via a phishing email or by one of your employees stumbling upon a malicious website by accident. Depending on the administrative rights of the user, the attacker can then take control of the userโ€™s system and install malware, add additional user accounts, or modify, view, change, or delete data.

 

Agio Clients (who we manage patching for, specifically)

This patch will be rolled out tomorrow for our clients. Note: If for any reason this is not the case for a specific client, your Account Manager will reach out directly.

 

Cyber-Hygiene Reminders

  • Be extra sensitive to phishing campaigns this time of year โ€“ hackers leverage the giving season to their advantage.ย  They also know most of us are busy rushing around trying to wrap up work, attend holiday parties, and finish our holiday shopping.ย  When weโ€™re distracted, we click without thinking.
  • Ensure your systems have the latest patches.
  • If you’re using Internet Explorer, make sure youโ€™re running the most up-to-date version, and we urge you to apply the latest Windows updates as well.

Learn More About Our Serivces

See also  Turning Challenges into Change: Hedge Fund CFOs' Agenda for 2024