Zero-Day Vulnerability in Internet Explorer

On April 26, 2014 Microsoft released Security Advisory 2963983 for Microsoft Internet Explorer. This issue is a zero-day vulnerability, which means the exploit depends on a flaw already present in affected systems. There is steady activity underway at Microsoft and the various security product vendors such as McAfee and Symantec to mitigate this risk.

Because this issue is non-specific to PCRecruiter and involves the administration of our customer's computer systems, Main Sequence has no recommendation on the use / non-use or configuration of Internet Explorer. PCRecruiter offers Java downloads for use with Chrome, Safari, and Firefox browsers, but we have not tested all versions of those browsers in all possible environments.

Reports indicate that operating Internet Explorer with "Enhanced Protected Mode" configured or using the Enhanced Mitigation Experience Toolkit (EMET) version 4.1 or the new 5.0 Tech Preview edition will avoid the vulnerability. PCRecruiter has been tested to a limited extent with "Enhanced Protected Mode" and appears to operate normally. You will need to ensure that EMET is configured to protect IE if you select that option.

If you experience unexpected system behavior when using PCRecruiter with any browser, our technical support staff can process error reports and work with you to resolve issues.

Please see this item regarding the vulnerability for more information:

http://blog.securestate.com/cve-2014-1776-internet-explorer-0-day-vulnerability/