Are you aware of the Internet Explorer “Use-After-Free” Vulnerability?
Published
One of the Blackbaud Hosting Services team’s most important priorities is security, and as such we wanted to fill you in on the Use-After-Free vulnerability that was discovered with Microsoft’s Internet Explorer versions 6 through 11 (see Microsoft’s official security advisory here) . We wanted to share some important items regarding this vulnerability.
For more information, please take a look at our Knowledgebase solution, Microsoft Internet Explorer “use-after-free” vulnerability.
- This security vulnerability infects the user’s Internet Explorer browser when they visit web sites with specifically crafted Shockwave Flash code and is not internal to Blackbaud products. Once exploited, this flaw allows malicious hackers to bypass security protections within the Windows operating system.
- Blackbaud Hosting Services sites do not use Shockwave, so your interaction with your Hosted products is not vulnerable. However, we do recommend disabling Shockwave Flash, or enabling Enhanced Protected Mode in IE 10 or higher in order to protect your own enterprise.
- As a general best practice, we recommend that any user who works with sensitive information and accesses Blackbaud Hosted products via IE should only visit sites as required for business purposes.
- **Users of Windows XP will continue to be vulnerable to this issue even after MS patches IE due to the recent end of XP support. We recommend upgrading immediately if users are still on XP.
For more information, please take a look at our Knowledgebase solution, Microsoft Internet Explorer “use-after-free” vulnerability.
News
ARCHIVED | Hosting Blog
04/30/2014 12:25am EDT
Leave a Comment