A very serious security vulnerability has been identified with Microsoft Internet Explorer browsers that could severely impact systems. The vulnerability was classified as a zero-day exploit as there are presently no available patches to address the security flaw. Microsoft is aware of the vulnerability and has released a security advisory to track this issue. Threat actors are actively using this exploit. This is a significant zero-day exploit as the vulnerable versions represent about a quarter of the total browser market. All versions of Microsoft Internet Explorer appear to be vulnerable. UMass Lowell Information Technology (IT) is monitoring the network for signs of this particular exploit. In the meantime, we strongly urge everyone to use other Internet browsers if possible. Examples of browsers to use are Mozilla Firefox, Apple Safari and Google Chrome. If you do not have a secondary Internet browser on your system, please contact the Help Desk and they will assist you in downloading an additional browser.
What else can we do to protect ourselves?
UMass Lowell IT recommends all users refrain from using Internet Explorer at home or at work until an approved patch has been applied. UMass Lowell IT will see that the patch is applied for all Windows systems on Active Directory. You should take the necessary steps to apply the approved patch one it becomes available on all other personally owned Widows devices.
Don’t be lured by Phishing
This particular vulnerability is exploited by visiting nefarious and fraudulent web sites. Remember never, ever click on any link or open any attachment that is sent to you via email unless you know the individual or entity and were expecting the message and the attachment or link.
What if I have a question?
Contact the Help Desk at 978-934-HELP.
If you have additional security concerns, please email firstname.lastname@example.org