Microsoft Rolls Out MS14-021 Security Bulletin Patch For Multi-Version Internet Explorer Zero-Day Bug

It did not take long for Microsoft to address what was looking to be one of the largest security flaws in the history of the Internet. The Internet Explorer Zero-Day Bug may have turned out to be a major scare for over a quarter of the entire Internet-connected computer market, which accounts for the 26% of estimated users utilizing a version of the Internet Explorer web browser application.

The Internet Explorer Zero-Day bug was an unexpected event that affected all versions of IE, particularly IE versions 9, 10 and 11. The vulnerability found in Internet Explorer was that of a component in Adobe Flash, which could allow remote hackers to flood a system with unknown malware threats potentially causing serious issues and damages to an affected system.

Before the fix to the IE Zero-Day bug, users of Internet Explorer were almost left in the cold for several days as many security outlets advised users to use an alternative web browser or disable Adobe Flash altogether. In either circumstance, Internet Explorer users were will be wary of the next time they use the browser. Moreover, those who took the liberty to cease use of IE and utilize an alternative web browser, as suggested many including The U.S. Department of Homeland Security via their US-CERT (United States Computer Emergency Readiness Team), may not return to using Internet Explorer.

The Microsoft update to fix the IE Zero-Day bug can now be supplied through the Microsoft Security Bulletin MS14-021 update. Additionally, there is an alternative update, KB2964358, which may be used to update those running older versions of Windows including Windows XP. It is interesting to comforting that Microsoft has applied the IE Zero-Day Bug fix for Windows XP users, considering how support and updates for XP ceased earlier this year.

It is possible, by providing a fix to the IE Zero-Day Bug in an expedited manner, that Microsoft helped avert a disaster where unknown malware threats are propagated through use of Internet Explorer. So far, it has been found that the bad guys who took advantage of the Internet Explorer bug initiated what Microsoft called "limited targeted attacks." These attacks did not use malicious web links indiscriminately, but instead to focus on undisclosed victims on a small scale.

For most, the attacks that came about as a result of the IE Bug, were limited due to the several advanced warnings sent out and advisories of temporarily discontinuing use of IE or disabling Adobe Flash. Now, with the calm after the storm, we will await any confirmations with specific types of malware that may have infiltrated systems affected by the IE Zero-Day Bug.