MICROSOFT IE ZERO-DAY VULNERABILITY (CVE-2014-1776)
THREAT OVERVIEW: On April 26th 2014, Microsoft released a security advisory (2963983) for a zero-day vulnerability in Internet Explorer (CVE-2014-1776). Exploitation of the vulnerability is reportedly being used in limited, targeted attacks. The vulnerability exists in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. There is currently no patch available for this vulnerability and Microsoft did not provide a release date for a patch. Windows users running vulnerable versions of Internet Explorer are at risk, when visiting compromised websites containing malicious code to exploit this vulnerability. THREAT DETAILS: According to Microsoft, The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in
