Microsoft issues patch for Internet Explorer vulnerability found by Google
Earlier this month, Microsoft announced a zero-day vulnerability in Internet Explorer (IE) that left users computers open to malicious attacks. Microsoft has now issued a patch for the vulnerability, and likely owes Google a huge thank you for finding the flaw in the first place.
The flaw was prevalent in IE9 and IE10 for some Windows Server systems and IE11 for machines running Windows 7, Windows 8, Windows 8.1, and Windows 10, as well as Windows Server 2012, 2016, and 2019. The vulnerability affected IE’s scripting engine and how it handles memory management. An attacker could break into a computer should the unwitting victim visit a website set up to take advantage of the weakness. An attack could be executed by simply sending the victim a link to a trapped website.
Once the hacker broke into a targeted system, they could have full control of the machine, allowing them to install programs, edit data, or even create an administrator account. The flaw was brought to Microsoft’s attention by engineers at Google.
Microsoft states that users with Windows Update enabled need only to apply the latest security patch and the flaw will be fixed. The company is urging Windows users who have not yet installed the latest security update to do so immediately.