Microsoft Issues Patch For Critical IE Vulnerability
Internet Explorer flaw could enable attackers to take over a user's computer
Microsoft has issued a patch to repair a critical vulnerability in Internet Explorer that could allow attackers to take control of an end user's computer.
More Security Insights
- Forrester Study: The Total Economic Impact of VMware View
- Securing Executives and Highly Sensitive Documents of Corporations Globally
- Top Big Data Security Tips and Ultimate Protection for Enterprise Data
- Smarter Process: Five Ways to Make Your Day-to-Day Operations Better, Faster and More Measurable
The flaw enabled attackers to create new exploits that cheat two widely respected Microsoft security features and wage targeted attacks on end user computers.
The vulnerability could allow remote code execution if a user views a specially crafted Web page -- sometimes called a "watering hole" -- using Internet Explorer, Microsoft said. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
The flaw affects users of Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8, Microsoft stated. Internet Explorer 9 and Internet Explorer 10 are not affected.
The security update fixes the vulnerability by modifying the way that Internet Explorer handles objects in memory, Microsoft said.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.