Microsoft releases emergency patches for Internet Explorer zero-day vulnerability

Microsoft releases patches for new vulnerability outside of the program, one of which is Internet Explorer-Critical Zero-Day, which is being actively exploited by cybercriminals. The vulnerability, discovered by Clément Lecigne of the Google Threat Analysis Team, and identified by ID CVE-2019-1367, is a remote code execution vulnerability in Microsoft Internet Explorer's scripts engine.
The vulnerability is a memory corruption issue that allows a remote attacker to gain control of his PC only by persuading the user to view a maliciously manipulated page while using Internet Explorer.
Microsoft in its advisory states that an attacker who successfully exploits this vulnerability can obtain the same user licenses as the current user. If the current user logs in with administrator user permissions, an attacker who successfully exploits this vulnerability can take control of an affected system.
This IE vulnerability affects versions 9, 10, and 11, and users should always apply updates released for each installed application. Users are strongly advised to use more secure web browsers such as Google Chrome and Mozilla Firefox as a replacement for Internet Explorer.
Since security updates are part of Microsoft security updates and one of them fixes exploited vulnerabilities, users are advised to apply this update as soon as possible.

Navigation