Microsoft Internet Explorer "Use-After-Free" Vulnerability

Over the weekend, a security flaw was discovered with Internet Explorer (IE) versions 6 through 11. The security flaw allows malicious hackers to get around security protections in the Windows operating system. They then can be infected when visiting a compromised website.  Microsoft is working a fix; however, at this time the Department of Homeland Security has recommended that you stop using Internet Explorer.


Here are some additional information regarding this vulnerability.

• 
  
• This security vulnerability infects the user’s Internet Explorer browser when they visit web sites with specifically crafted Shockwave Flash code and is not internal to Blackbaud products. Once exploited, this flaw allows malicious hackers to bypass security protections within the Windows operating system.
  
• Blackbaud Hosting Services sites do not use Shockwave, so your interaction with your hosted products is not vulnerable. However, we do recommend disabling Shockwave Flash, or enabling Enhanced Protected Mode in IE 10 or higher in order to protect your own enterprise.
  
• As a general best practice, we recommend that any user who works with sensitive information and accesses Blackbaud Hosted products via IE should only visit sites as required for business purposes.
  
• **Users of Windows XP will continue to be vulnerable to this issue even after MS patches IE due to the recent end of XP support. We recommend upgrading immediately if users are still on XP.
  

You can find this information in Knowledgebase solution Microsoft Internet Explorer "use-after-free" vulnerability.