Microsoft rolls out emergency patch for Internet Explorer zero-day flaw
- The IE zero-day flaw could grant full access to victims’ computers.
- Internet Explorer 9, 10, 11 affected.
- The zero-day flaw was discovered by Google’s Threat Analysis Group.
The Internet Explorer zero-day flaw allowed attackers to take control of victims’ computers by executing code remotely when users visit malicious websites. It was identified by Clément Lecigne who is a part of Google’s Threat Analysis Group – the same group had earlier identified and reported an advanced Chinese iPhone malware campaign.
TOP VIDEOS FOR YOU
Attacker could gain full control
AdvertisementExplaining the flaw, Microsoft noted that attackers could end up gaining administrator rights if the affected user is an administrator. The attacker could install new programs, add, modify or delete data, or even create new user accounts with full rights.
“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could run arbitrary code in the context of the current user. The security update addresses the vulnerability by changing how the scripting engine handles objects in memory,” the CVE page revealed.
Although Microsoft has been advising Windows users to switch Edge, Internet Explorer is still used by a sizable number of users. According to the latest report by StatCounter, Internet Explorer has a 4.4% market share globally, just a shade lower than Edge’s 4.71% share.
Windows Defender also gets a security fix
Apart from the fix for Internet Explorer, Microsoft has also issued a patch for Windows Defender Denial of Service vulnerability. Initially reported by Charalampos Billinis from F-Secure Countercept and Wenxu Wu from Tencent Security Xuanwu Lab, this vulnerability is not as serious as the Internet Explorer zero-day. Microsoft says that this vulnerability does not seem to have been exploited as of now.
- India’s largest home loan provider HDFC has given real estate stocks another reason to rally
- India’s Covaxin effective against Delta Plus variant of COVID-19, reveals ICMR study
- China’s crackdown on cryptocurrency trading will continue as its central bank raises the heat on financial institutions
- COVID-19 is back in Wuhan and many other parts of China that have been ‘virus free’ for months
- Fevicol bonds with 100+ brands on Friendship Day by becoming the stickiest comment on the internet