Dimension Data has uncovered two significant vulnerabilities in the Internet Explorer 8 and Windows XP systems that could allow remote parties to gain full control of a target PC.
The Wellington-based security company’s GM Phil Goodwin says in the past, organisations including Google have been victims of similar Internet Explorer security issues.
“Our security assurance team alerted Microsoft to the issue, which deployed a fix for the two vulnerabilities on 12 February as part of its monthly ‘Patch Tuesday’ release,” he says.
“Dimension Data has no reason to believe that anyone has fallen victim to an attack, but similar security issues have been targeted in spear phishing attacks in the past.
“Microsoft is thorough in its response when vulnerabilities are brought to its attention.”
Founded in 1983, Dimension Data works with clients’ Microsoft solutions, and is advising users to address the issue firsthand.
“We strongly recommend users apply the patch made available through the Windows Update website, to ensure they aren’t open to an attack,” Goodwin says.
“Our security assurance team performs routine penetration testing and provides advisory services to ensure the security of IT systems for our clients.
“It’s through their regular work that we can ensure security issues like this can be fixed quickly, with minimal disruption for businesses.”