News Vulnerability Management
Microsoft Issues Patch For Critical IE Vulnerability
Internet Explorer flaw could enable attackers to take over a user's computer
Microsoft has issued a patch to repair a critical vulnerability in Internet Explorer that could allow attackers to take control of an end user's computer.
More Security Insights
- Don't Get Stuck on Your Virtualization Journey: Where to Focus Next
- Taneja Group: Overview of Virtualization and Cloud Market Vendor Landscape for SMBs
- Desktop and Application Virtualization Best Practices
- Banking on Results: Turn an Avalanche of Data into Actionable Insight
The flaw enabled attackers to create new exploits that cheat two widely respected Microsoft security features and wage targeted attacks on end user computers.
The vulnerability could allow remote code execution if a user views a specially crafted Web page -- sometimes called a "watering hole" -- using Internet Explorer, Microsoft said. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
The flaw affects users of Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8, Microsoft stated. Internet Explorer 9 and Internet Explorer 10 are not affected.
The security update fixes the vulnerability by modifying the way that Internet Explorer handles objects in memory, Microsoft said.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.