What is it?

A serious vulnerability has been discovered in Internet Explorer that could potentially allow attackers to steal information from a website, as well as inject information into other websites. The vulnerability bypasses what is known as the Same Origin Policy in Internet Explorer, which is used to prevent scripts from one website reading or modifying data on another website. While there are no indications that this vulnerability has been exploited in the wild, there is concern that this vulnerability will allow attackers to craft an email containing a link to a compromised or malicious website. If a recipient were to click the link, the malicious website could allow the attacker to obtain sensitive information.

Who is affected?

Computers running Internet Explorer 11 on versions of Windows 7 and 8.1.

How do I stay protected?

If you are concerned about this vulnerability, it is recommended to switch to a different web browser like Mozilla Firefox or Google Chrome, until Microsoft issues a patch.

Microsoft has not yet issued a patch or security advisory for this vulnerability. We will update this post once we learn more.