Last week Microsoft announced 10 bulletins for May Patch Tuesday. Among these should be a fix for Security Advisory 2847140 which is a major cyber security threat targeting IE 8. Microsoft released a Fix IT for this vulnerability last week in an effort to help reduce risk of exposure to this threat. The vulnerability could be used in what is referred to as a watering hole attack, in which an attacker would exploit a third-party site that a particular group would tend to frequent.
The hope being that any one of the intended group would visit the exploited site and if using IE 8 could be exploited in turn. There is probably evidence that this vulnerability could already have been exploited in the wild as far back as March of this year.
Join us on Wednesday, May 15 as we discuss the patches that Microsoft will release tomorrow as part of the May Patch Tuesday. We will also discuss third-party releases for Patch Tuesday as well as recap all bulletins released for the Shavlik Protect products since the April Patch Tuesday. Sign up for this and other Shavlik product webinars here.