Quote:Microsoft has confirmed that a zero-day flaw in Internet Explorer is being exploited by malicious actors.
The vulnerability, impacts all Windows 10 versions, Windows 8.1, and the recently-discontinued Windows 7. Microsoft rated it as “moderate” on Windows Server devices and “critical” on client versions of Windows. Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 are all affected.
The remote code execution could allow cybercriminals to obtain the same rights as the logged-in user, which in the case of an administrator account means they could get full control of the compromised device.
An attacker can be carried out through a crafted website, Microsoft explains.
“A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user,” Microsoft says in an advisory.
Read more: https://news.softpedia.com/news/microsof...8903.shtml
![[-]](https://www.geeks.fyi/images/collapse.png)
