WHAT'S HAPPENING?
Attackers are actively exploiting a previously unknown vulnerability in versions 6-11 of Internet Explorer (IE) that allows them to surreptitiously hijack vulnerable computers.


WHY IS IT HAPPENING?
When an affected version of IE is used to access a malicious web site, attackers can silently take over the user's computer. Further details regarding this vulnerability are available at the following URL's:

http://arstechnica.com/security/2014/04/active-0day-attack-hijacking-ie-users-threatens-a-quarter-of-browser-market/

http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html


WHO IS AFFECTED?
Currently, the attacks have been observed targeting versions 9-11 of IE.  However, anyone using one of the affected versions of IE to browse the Internet on any version of Microsoft Windows could be affected.


WHAT DO YOU NEED TO DO?
Affected users should not use IE to browse the Internet until a patch has been released. It's recommended to use an alternate browser such as Firefox.  If you have a critical need to use IE before a patch is released, Microsoft recommends the installation of EMET (Enhanced Mitigation Experience Toolkit) or other workarounds as listed under Suggested Actions at http://technet.microsoft.com/en-us/library/security/2963983.


WHO SHOULD YOU CONTACT FOR QUESTIONS?
The TSO Help Desk (CCB 148, 404-894-7065, helpdesk@cc.gatech.edu).