Today, we released a security update to address the Internet Explorer (IE) vulnerability first described in Security Advisory 2963983. This security update addresses every version of Internet Explorer.

While we’ve seen only a limited number of targeted attacks, customers are advised to install this update promptly. The majority of our customers have automatic updates enabled and so will not need to take any action as protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you haven’t enabled Automatic Update, now is the time. 

For those manually updating, we strongly encourage you to apply this update as quickly as possible, following the directions in the released security bulletin.

We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11. You can find more information on the Microsoft Security Bulletin summary webpage.

We invite you to join Jonathan Ness and myself for a live webcast at 11 a.m. PDT tomorrow, where we’ll provide a detailed review of the bulletin. You can register here.

*Updated 5/2/2014 - The 11 a.m. webcast has reached capacity, so a second webcast has been scheduled for 2 p.m. on Friday, May 2. Details on registration can be found here.

For more information, please see the Microsoft News blog.

Dustin Childs
Group Manager, Response Communications
Trustworthy Computing