Microsoft Issues Patch For Critical IE Vulnerability
Internet Explorer flaw could enable attackers to take over a user's computer
Microsoft has issued a patch to repair a critical vulnerability in Internet Explorer that could allow attackers to take control of an end user's computer.
More Security Insights
- 10 Steps to Cleaning up Active Directory
- The Active Directory Management and Security You've Always Dreamed of
- Innovations in Integration: Achieving Holistic Rapid Detection and Response
- COBOL in the Big Data Era: A Guide
The flaw enabled attackers to create new exploits that cheat two widely respected Microsoft security features and wage targeted attacks on end user computers.
The vulnerability could allow remote code execution if a user views a specially crafted Web page -- sometimes called a "watering hole" -- using Internet Explorer, Microsoft said. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
The flaw affects users of Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8, Microsoft stated. Internet Explorer 9 and Internet Explorer 10 are not affected.
The security update fixes the vulnerability by modifying the way that Internet Explorer handles objects in memory, Microsoft said.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.