Microsoft Patches Critical Vulnerabilities in Internet Explorer

Spread the love

Microsoft has released a patch for critical Internet Explorer vulnerabilities that could give attackers the same privileges as the current user. For this, victims must visit a site prepared by the attackers.

The vulnerabilities are in all versions of Internet Explorer from version 7 and up and thus affect all Windows versions that Microsoft supports, namely Vista, 7, 8, 8.1 and 10. The vulnerability is in the way Internet Explorer addresses objects in memory, writes Microsoft.

The finders of the various vulnerabilities, including security firm FireEye, Trend Micro and Verisign, have not yet disclosed the details of the vulnerabilities, leaving it unknown how exactly they work. The result of an attack with these vulnerabilities, according to Microsoft, is that if attackers use a designed site, they are given the same rights on the PC as the user. So if the user is an administrator, the attackers get those rights too. Microsoft has therefore labeled the leaks as critical.

The vulnerability is only in Internet Explorer and not in Microsoft’s Edge browser on Windows 10 or other browsers such as Chrome, Opera and Firefox. The patch is part of Microsoft’s monthly update for Windows and will therefore be delivered to users via Windows Update on PCs.

You might also like