• Home
  • Apps
  • Apps News
  • Microsoft Issues Fix for Critical Vulnerability in Internet Explorer

Microsoft Issues Fix for Critical Vulnerability in Internet Explorer

Share on Facebook Tweet Share Reddit Comment
Microsoft Issues Fix for Critical Vulnerability in Internet Explorer

Less than 10 days after Microsoft released an out-of-band (unscheduled, emergency) security update to patch critical vulnerabilities in a number of products, the company on Tuesday rolled out another out-of-schedule security update. The update centres on fixing a vulnerability in Internet Explorer and has been flagged as 'critical' by Microsoft.

Microsoft noted a vulnerability in its Internet Explorer browser in an advisory posted on Tuesday. The vulnerability, if exploited, allows an attacker to remotely execute codes via a specially-crafted website. The flaw, which has been categorised by the company as "zero-day," targets the way Internet Explorer handles objects in memory.

"This security update resolves a vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user," wrote Microsoft in a blog post. "Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights."

The vulnerability affects Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 (also on Windows Server systems) - which essentially means that users on from Windows XP to higher versions are affected. Microsoft said that the Edge browser, which debuted in Windows 10, doesn't have the said vulnerability.

The comforting part of the news is that no user has been reported to be a target of the vulnerability as of now. The patch is available to download via Windows Update, as well as through Microsoft's website. Microsoft credited Google researcher Clement Lecigne for finding the flaw.

It is worth noting that Tuesday night's update is the third out-of-band security update sent by Microsoft in 2015. The company released another emergency update on August 11 which offered security patches for a number of Microsoft products.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Meizu MX5 With Fingerprint Scanner to Be Available Exclusively via Snapdeal
How Zomato Is Outshining Yelp in the Czech Republic
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.