If you’re one of the many that still use Internet Explorer on Windows 10, for one reason or another, or on a previous version of the operating system, then you are strongly recommended to deploy a patch.
A patch that Microsoft developed after confirming a Critical vulnerability in IE — one that was discovered by a Google security researcher.
One by the name of Clement Lecigne.
Apparently, this flaw affects absolutely all versions of Internet Explorer that are on the market. So it matters not what flavor of Windows you are running, IE is vulnerable to attacks, unless you patch your systems now.
The official advisory released by Microsoft explains that this 0-day flaw requires an attacker to get the vulnerable machine to load a compromised website. As it so often happens with browser exploits:
“The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
In case you’re wondering, Microsoft Ede, the new default web browser in Windows 10 is not affected at all by this security vulnerability.
Anyway, the software titan has made the patch available via Windows Update, but at the same time, the company recommends users to upgrade to Windows 10 and the Edge browser to benefit from enhanced security and an improved feature set.
Also, if you’re still using Internet Explorer, it’s best to avoid clicking on links coming from unknown or suspicious sources.
source:windows10update
