Carnegie Mellon University
January 15, 2013

Security Alert: Critical Vulnerability in Internet Explorer 6, 7 & 8

WHOM DOES THIS AFFECT?

Windows users running Internet Explorer versions 6, 7 or 8


SUMMARY:

A critical vulnerability has been discovered in Internet Explorer that could be exploited to compromise computers. Microsoft has released a security update to correct this vulnerability. All Microsoft Windows users should run Windows Update to ensure this latest security update is installed. The Information Security Office will continue to monitor for and block known malicious websites that are exploiting this vulnerability.


WHAT YOU NEED TO DO:

Run Windows Update as soon as possible. Details on how to run Windows Update can be found on Microsoft’s website.

http://windows.microsoft.com/en-US/windows/help/windows-update
 
Microsoft Windows users can validate what version of Internet Explorer is installed by using the Patch Check tool available on the Information Security Office website.

https://www.cmu.edu/iso/patch-check/


MORE INFORMATION:

Additional information about this vulnerability can be found at:

http://technet.microsoft.com/en-us/security/bulletin/ms13-008


CONTACT:

Please direct any questions or comments to the Computing Services Help Center (412-268-HELP or it-help@cmu.edu) or to your departmental administrator or DSP consultant.