• Home
  • Apps
  • Apps News
  • Microsoft Says Will Fix Internet Explorer Security Flaw Under Active Attack

Microsoft Says Will Fix Internet Explorer Security Flaw Under Active Attack

The Microsoft Internet Explorer vulnerability was first reported by US Homeland Security on Friday evening.

Share on Facebook Tweet Snapchat Share Reddit Comment
Microsoft Says Will Fix Internet Explorer Security Flaw Under Active Attack

The vulnerability was first reported by US Homeland Security on Friday evening

Highlights
  • Microsoft has confirmed a security flaw affecting Internet Explorer
  • It is currently being used by hackers
  • Microsoft is working on its fix

Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date.

The vulnerability was first reported by US Homeland Security on Friday evening, although the issue is not limited to American devices.

Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates.

The vulnerability was found in how Internet Explorer handles memory. An attacker could use the flaw to remotely run malicious code on an affected computer, such as tricking a user into opening a malicious website from a search query or a link sent by email, TechCrunch reported recently.

"The company is only aware of limited targeted attacks for which it is already working on a fix," the report quoted a Microsoft spokesperson.

The tech giant assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Qihoo 360, a China-based security research team helped Microsoft in finding this flaw and it is believed to be a similar vulnerability as one disclosed by Mozilla, the maker of the Firefox browser.

As per report, neither Qihoo, Microsoft, nor Mozilla said how attackers were exploiting the bug, who the attackers were, or who was being targeted.

Microsoft assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Additionally, according to information gathered by PreciseSecurity.com, Microsoft Office products were the most commonly exploited by cyber-criminals around the world and nearly 73 percent of cyber exploits were performed in MS Office products in the third quarter of 2019.

MS Office products were followed by Browsers with 13.47 percent of the total number of exploits by cyber-criminals, Android with 9.09 percent, Java with 2.36 percent, Adobe Flash with 1.57 percent and PDF with 0.66 percent.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: Microsoft, Internet Explorer
SpaceX Says 'Picture Perfect' Crew Dragon Test Paves Way for Human Mission

Related Stories

 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.