Windows 10 News and info | Forum
September 20, 2020, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Microsoft will fix an Internet Explorer security flaw under active attack  (Read 491 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 31796


I Do Windows


WWW Email
« on: January 19, 2020, 12:20:38 AM »
ReplyReply

Mozilla isn't the only one grappling with a serious web browser security flaw. Microsoft has confirmed to TechCrunch that it will fix an Internet Explorer security exploit already being used for "limited targeted attacks."

The vulnerability lets attackers corrupt memory used for the scripting engine in IE9, IE10 and IE11 in a way that would let the intruder run arbitrary code with the same permissions as the user, letting them hijack a PC. It's believed to be similar to the Firefox issue disclosed a week earlier.

The issue is significant enough that Homeland Security issued an advisory encouraging people to both be aware of the flaw and consider implementing workarounds, including temporarily restricting access to jscript.dll.

Unlike the Firefox bug, though, you'll have to wait a while for a patch. Microsoft said it wasn't likely to provide its fix until its next monthly security release, slated for February 11th. Until then, you'll either have to consider workarounds or be cautious about clicking links to visit unfamiliar sites.

The risks might not be extremely high given the modern browser market. Microsoft has largely shoved Internet Explorer to the side in favor of Edge, which just got a major Chromium-based update on January 15th, and you're statistically more likely to use a third-party browser like Chrome.

Nonetheless, it's a headache -- Microsoft's past is coming back to haunt its present.

source
Logged


Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page September 15, 2020, 01:17:15 PM