Resolving an Internet Explorer Critical Vulnerability that Affects Tableau

Issue

Microsoft announced a critical vulnerability in its Internet Explorer product. This vulnerability allows remote code execution and denial of service attacks.

This issue can affect you if your Tableau workbook contains a dashboard on which you included either of the following:

A web part that targets a malicious site.
A URL action that directs to a malicious site.

Environment

Microsoft Internet Explorer 6, 7, 8, 9, 10, and 11
All Tableau Desktop products, including Professional, Personal, Public, and Reader editions

Resolution

Install the latest Internet Explorer security update from Microsoft, which fixes this vulnerability. This security update is available through Windows Update. For more information, see Microsoft Security Bulletin MS14-021 - Critical, MS14-035: Cumulative Security Update for Internet Explorer, and Microsoft Security Bulletin MS14-060 - Important.

Tableau products honor the settings in Internet Explorer that resolve this issue.

Cause

Tableau Desktop editions use Internet Explorer to display web parts in dashboards and to preview results of workbooks published to a Tableau server product—including Tableau Server, Tableau Online, and Tableau Public.