Emerging Threats

New Internet Explorer vulnerability exposes serious phishing hole

Authored by a Symantec employee


What is it?

A serious vulnerability has been discovered in Internet Explorer that could potentially allow attackers to steal information from a website, as well as inject information into other websites. The vulnerability bypasses what is known as the Same Origin Policy in Internet Explorer, which is used to prevent scripts from one website reading or modifying data on another website. While there are no indications that this vulnerability has been exploited in the wild, there is concern that this vulnerability will allow attackers to craft an email containing a link to a compromised or malicious website. If a recipient were to click the link, the malicious website could allow the attacker to obtain sensitive information.

A security suite that helps protect your devices.

Free security software just doesn’t have the resources to keep up with new threats as they emerge. That’s why you need a multi-layered defense to security. Meet Norton Security Premium — protection for up to 10 of your devices.

Who is affected?

Computers running Internet Explorer 11 on versions of Windows 7 and 8.1.

How do I stay protected?

If you are concerned about this vulnerability, it is recommended to switch to a different web browser like Mozilla Firefox or Google Chrome, until Microsoft issues a patch.

Microsoft has not yet issued a patch or security advisory for this vulnerability. We will update this post once we learn more.

Our best protection. One low price

Norton Security Premium helps protect up to 10 of your Windows PCs, Macs, Android smartphones or your iPads.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome and Android are trademarks of Google, LLC. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced and/or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other company names and product names are registered trademarks or trademarks of each company.