Note: Microsoft has released a security patch for Internet Explorer 6 through 11 running on x86 and x64 Windows clients and servers. For Windows users, this update will require a reboot. You should consult with your unit’s IT personnel to determine when your computer will be patched.
OIT strongly encourages you to update your personal Windows computers on the NCSU network and to patch your home computers as well. For more details, see:
Both Microsoft and Adobe have recently discovered security bugs in their products that could allow hackers to remotely gain access to a user’s computer. Depending on the user’s access rights, the hacker can change or delete data, create new accounts and install programs without the user’s knowledge.
The unpatched vulnerability exists in:
- Microsoft Internet Explorer 6 through 11
Microsoft does not currently have a patch scheduled to update Internet Explorer (IE).
Adobe has already released patches for the following versions:
- Adobe Flash Player 220.127.116.11 and earlier versions for Windows
- Adobe Flash Player 18.104.22.168 and earlier versions for Macintosh
- Adobe Flash Player 22.214.171.1240 and earlier versions for Linux
The Office of Information Technology encourages you to protect yourself by following these recommendations:
- Use an alternate browser until a patch is available for those affected versions of Internet Explorer, unless IE is required for a specific application.
- Run IE with Protected Mode enabled.
- Set Internet and Local intranet security zone settings to “High.”
Adobe Flash Player
- Install Adobe Flash Player updates immediately.
- Consider using Qualys Browsercheck to verify you’re using the latest versions of Web browsers and plug-ins.
You should not:
- Visit untrusted websites or follow suspicious links from known or unknown sources.
- Open email attachments from unknown or suspicious sources.
For additional information, see:
- Microsoft Security Advisory: Vulnerability in Internet Explorer Could Allow Remote Code Execution
- Adobe Security Bulletin: Security Updates Available for Adobe Flash Player
This information is also available via SysNews