I felt this should have its own thread.
I believe Microsoft has already created a fix for this. KB2961887
Ever since IE10, the browser has offered an Enhanced Protected Mode (EPM). You won't be vulnerable to the bug with EPM enabled, according to FireEye, and it's listed as one of the workarounds Microsoft recommends on its explainer page.
Windows updates has the fix for windows 8/IE11 not sure about other systems
Adobe came up with two emergency fixes, see: http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
but users are still asked to refrain from using Blue E for the time being:
http://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being
If you cannot do without using IE version 6 up to and including 11, then use additional EMET 4.1 to be more secure.
At the moment there are safeR alternatives like Opera, Firefox, Safari, Chrome.
For Chrome Adobe Flash Player is automatically being patched internally.
pol
Avast responds to IE hacking.
http://blog.avast.com/2014/04/29/internet-explorer-users-avast-has-got-your-back-for-free/
Will re-post in “security” thread and in “blog” thread.
edit: additional
Hi, could you tell me another security program(freeware) that works well with MBAM (freeware) 2 that work well together?
Thanks
Is it a good idea to use something else besides IE11 on my computer until Microsoft releases a patch?
I use Firefox (preferred) or Chrome. IE is needed for Windows updates, other than that I never use it.
This should have been in a thread of its own. To answer your question I use avast free, MBAM, Comodo Firewall v5.12 and a nice addition would be MCShield. Check out our signatures for more ideas. Each user have their likes and dislikes. But MBAM is always a great software to have.
Still not fixed!
http://www.tomsguide.com/us/zero-day-internet-explorer,news-18697.html
http://www.nbcnews.com/tech/security/no-internet-explorer-bug-isnt-fixed-despite-reports-n92426
@Coolmario88,
Yes for the time being you should consider not to use IE to go onto the Internet, and yes, also IE version 11 is vulnerable.
Some security researchers have stated now that the recent hack has shown there are serious underlying development insecurities inside Blue E.
They wonder whether this could not lead to the final undoing of M$ IE as a secure browser.
Again and again we have seen new leaks and the use of so-called Feng Shui heap spraying in combination with Flash exploitation technique to achieve arbitrary memory access and bypass/circumvent Windows’ ASLR and DEP protections. Later we also may see attempts to bypass protections that use hardware breakpoints, such as EMET’s EAF mitigation.
I cannot see why so many (55% of users) still use this browser or return to this (ex)-browser that may have hurt them that much.
Another fact is that the browser is also a royal way into the OS and because of the browser being an integral part of the MS OS it should always and under all circumstances be fully upgraded and patched/fixed.
We are still waiting for that fix to arrive: → http://www.forbes.com/sites/gordonkelly/2014/04/28/microsoft-races-to-fix-massive-internet-explorer-hack-no-fix-for-windows-xp-leaves-1-in-4-pcs-exposed/ link article author Gordon Kelly.
The advice to not use IE for the time being is a general and global advice (from US government, UK authorities , Dutch police cyber threat team, German authorities etc.). Also for those for which IE equals the only way they have known to venture out to the Interwebs, it will mean that until this hack is fixed we all say, please use an alternative browser.
polonus
Already told the school techies. I saw that is the paper today that Microsoft had released that statement.