Internet Explorer (IE) Vulnerability – Patch Now Available

Update about Available Patch

May 2, 2014 Update: Microsoft has released a patch that resolves the vulnerability in Internet Explorer. We recommend that you check with your IT department to confirm that the patch has been properly applied. You can read more about the patch in the Microsoft Security Bulletin MS14-021.

Vulnerability Overview

On April 26, 2014, Microsoft notified customers of a vulnerability in Internet Explorer (for details, see Microsoft Security Advisory 2963983).  Exploits of this vulnerability have been reported in the wild and Microsoft has communicated that they are working on a fix. This vulnerability can be exploited by an attacker if a user visits a compromised or malicious website with any version of Internet Explorer from a computer that also has Adobe Flash installed.

OCLC has reviewed this vulnerability for any impact. Due to the client-side nature of this vulnerability, we have determined that OCLC services are not vulnerable. Customers can be assured that their access and use of any OCLC service remains secure. (For more information on OCLC security practices, see OCLC's Commitment to Secure Library Services.)

Customers are encouraged to follow Best Practices for protecting their computer and information assets. These Best Practices include enabling and using a firewall, applying all software updates, and installing antivirus and antispyware software. Microsoft has additional guidance and specifics in their Safety & Security Center.

Additionally, security experts are encouraging users to consider using alternative browsers (such as Firefox or Chrome) until Microsoft has released a patch for Internet Explorer.

OCLC also encourages everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders.

For more information, visit the following resources:

OCLC Browser Compatibility

Application Version of IE Chrome** FireFox** Safari**
Connexion  6 through 8   3.0.6 or Higher  
CONTENTdm 10 and 11 X X X
FirstSearch  7 or Higher X X X
ILLiad 7 or Higher (Patron)      
QuestionPoint  8 or Higher X X X
WebDewey 7 or Higher X X X
WorldCat Discovery 9 or 10 X X X
WorldCat knowledge base    X X  
WorldCat Local  9 or 10 X X X
WorldShare Collection Evaluation   X X X
WorldShare Metadata Collection Manager    X X* X
WorldShare ILL  9 or 10 33.0.1750.146 m & Higher 27.0.1 & Higher*  
WorldShare Management Services (Acquisitions, Circulation, License Manager, Analytics)   X X* X

*Firefox is the preferred browser

**Current version unless otherwise noted