PhotoHeads up, Internet Explorer users! Microsoft issued an emergency software patch early Thursday to sew up a major security hole in its Internet Explorer (IE) web browser that allows hackers to weasel their ways into Windows-based computers.

Microsoft has Google to thank for its quick response. Google tipped off its fellow tech titan that the browser’s vulnerability would allow an attacker to engineer arbitrary code in the context of the current user.

If an attacker was successful in hacking their way in, the vulnerability could gain the con artist the same user rights as the current user. Once inside, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email,” wrote Microsoft.

En garde

According to KrebsOnSecurity and their sources at cyber exposure company Tenable, the vulnerability affects these versions of Internet Explorer:

  • Internet Explorer 11 on Windows 7 to Windows 10 in addition to Windows Server 2012, 2016 and 2019

  • Internet Explorer 9 on Windows Server 2008

  • Internet Explorer 10 on Windows Server 2012

“Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically,” wrote Microsoft in its warning message. “We encourage customers to turn on automatic updates.”

Are you a Windows 10 user? You can manually check for updates here. For assistance related to earlier versions of Windows, go here.

There was no word on any vulnerability for users who employ Microsoft’s browser extension for Google Chrome.


Share your Comments