We have some good and bad news for Microsoft fans who are using Internet Explorer as their default browser. Let’s start with the bad news. Microsoft announced that there is a security vulnerability in Internet Explorer’s system and that hackers can use it to execute malicious code. The good news is that Microsoft is aware of this security flaw and it has already started rolling out an emergency update that takes care of the problem.
Internet Explorer Security Vulnerability
“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” said Microsoft in a recent blog post.
“Booby-Trapped” Websites
On the bright side of things, Microsoft doesn’t believe that many Internet Explorer users were affected by this security flaw. The reason why Microsoft is so confident in this claim is because Internet Explorer users had to visit “booby-trapped” websites where the security vulnerability could be exploited.
In addition, Microsoft made sure to credit Clement Lecigne of Google’s Threat Analysis Group for discovering the security vulnerability and reporting it to Microsoft.
Wrapping Things Up…
Even though this security vulnerability shouldn’t have been there in the first place, we have to give it to Microsoft for moving so quickly to patch the problem. Microsoft didn’t waste any time and enhanced Internet Explorer’s security as soon as it found out about the problem.
