Microsoft issues patch for Internet Explorer vulnerability found by Google

Microsoft has issued a patch to fix a day-zero security flaw in Internet Explorer that affected a myriad of versions and systems. The flaw, which affected IE's scripting engine and how it handles memory, could allow attackers to break into a targeted system and assume full control. Attackers could then view and edit data, install programs, and create administrator accounts. Google alerted Microsoft to the vulnerability earlier this month.

Sam Medley, Published 12/20/2018

Earlier this month, Microsoft announced a zero-day vulnerability in Internet Explorer (IE) that left users computers open to malicious attacks. Microsoft has now issued a patch for the vulnerability, and likely owes Google a huge thank you for finding the flaw in the first place.

The flaw was prevalent in IE9 and IE10 for some Windows Server systems and IE11 for machines running Windows 7, Windows 8, Windows 8.1, and Windows 10, as well as Windows Server 2012, 2016, and 2019. The vulnerability affected IE’s scripting engine and how it handles memory management. An attacker could break into a computer should the unwitting victim visit a website set up to take advantage of the weakness. An attack could be executed by simply sending the victim a link to a trapped website.

Once the hacker broke into a targeted system, they could have full control of the machine, allowing them to install programs, edit data, or even create an administrator account. The flaw was brought to Microsoft’s attention by engineers at Google.

Microsoft states that users with Windows Update enabled need only to apply the latest security patch and the flaw will be fixed. The company is urging Windows users who have not yet installed the latest security update to do so immediately.

Source(s)

Microsoft

HP Support Assistant is vulnerable to DLL hijacking

New security flaw discovered in HP Support Assistant 09/08/2022

Microsoft finally buries Internet Explorer today 06/15/2022

PC-Doctor Tool For Windows is also believed to be vulnerable to cyber attacks. (Image source: Lifewire)

Cybersecurity company finds worrying vulnerability affecting millions of Dell laptops and desktops 06/22/2019

Dell has really dropped the ball here. (Image source: Dell)

Dell laptops confirmed to be affected by serious SupportAssist security flaw 05/03/2019

Ghidra, the NSA's homegrown decompiler tool, is now open source 03/06/2019

Microsoft Visual Studio 2019 official launch website, April 2 event details

Microsoft Visual Studio 2019 coming on April 2 02/15/2019

Microsoft will bury Internet Explorer 10 in January 2020 01/30/2019

Microsoft has suggested that any remaining Windows Mobile users switch to another platform. (Source: The Windows Club)

Microsoft is putting an end to Windows Mobile support this year 01/19/2019

A Project Soli sensor. (Source: Google ATAP)

Google's Project Soli secures FCC approval 01/05/2019

Windows 10 Update may disable your administrator account 01/04/2019

Microsoft: Magnetic USB Type C possible successor of the Surface Connector 12/30/2018

An Internet Explorer patch is reportedly bricking lower-RAM Lenovo laptops. (Source: Lenovo)

Internet Explorer security patch is reported as dangerous to many Lenovo laptops 12/27/2018

The purported webcam may bring biometric authentication back to the Xbox One. (Source: Microsoft)

Microsoft may be readying 4K webcams for Windows and Xbox One 12/23/2018

The current view of the storefront. (Source: Own)

Microsoft's London flagship store is slowly taking shape 12/22/2018

Apparently, these models would not need much work to be able to unlock the Androids of their human counterparts. (Source: Wikimedia Commons)

A 3D-printed head created for news report could fool Android's Face Unlock, but not Apple's Face ID 12/19/2018

"123456" and "password" are officially 2018's worst passwords 12/16/2018

Facebook has admitted to yet another form of data breach. (Source: Picryl)

Facebook discloses info on "bug" that allowed apps access to 6.8 million users' non-posted photos 12/14/2018

The Starwood hackers used the same cloud hosting service that previous Chinese hackers had used. (Source: TechSpot)

Chinese hackers believed to be behind massive Marriott data breach 12/12/2018

The reported tiny Chinese spy chip in question was smaller than a pencil tip. (Source: Debuglies via Bloomberg)

No Chinese spy chips found in Supermicro internal investigation 12/11/2018

Meng Wanzhou could face a lengthy prison sentence in the US. (Source: Telecoms)

Huawei's CFO Meng Wanzhou faces extradition and fraud charges 12/07/2018

Note 9 users in the Samsung Beta Program can now test One UI. (Source: Android Authority)

One UI beta for the Samsung Galaxy Note 9 now available in some countries 12/04/2018

Spark wanted to provide a 5G network using Huawei equipment. (Source: Spark)

Huawei faces rejection for New Zealand 5G deployment contract 11/30/2018

Dell stated that no products or services were affected by the incident. (Source: V3)

Dell's network affected by attempted hack 11/29/2018

DriveSavers can now recover data from locked smartphones for a mere $3,900 11/29/2018

LinkedIn used 18 million non-user emails to buy targeted ads on Facebook 11/25/2018

It's not the first time Google Play has suffered from malware issues. (Source: Tech Viral)

Google Play security exposed by malware hidden in fake driving games 11/21/2018

NYU researchers developed an AI that can imitate fingerprints to bypass biometric readers 11/15/2018

Image via CloudFlare (Google Play Store)

CloudFlare releases an Android app to change your phone's DNS 11/12/2018

The last Nexus phones have received their last official OTA updates 11/08/2018

Websites could battle more bots without interrupting users thanks to reCAPTCHA v3 10/31/2018

Moto G5 and Moto G5 Plus get updated... to Android 8.1 Oreo 10/29/2018

Loading Comments

Comment on this article

American tech giants continue to ta...

Classic PC title Lemmings is marchi...

Sam Medley - Senior Tech Writer - 1344 articles published on Notebookcheck since 2016

I've been a computer geek my entire life. After graduating college with a degree in Mathematics, I worked in finance and banking a few years before taking a job as a database administrator. I started working with Notebookcheck in October of 2016 and have enjoyed writing news and reviews. I've also written for other outlets including UltrabookReview and GeeksWorldWide, focusing on consumer guidance and video gaming. My areas of interest include the business side of technology, retro gaming, Linux, and innovative gadgets. When I'm not writing on electronics or tinkering with a device, I'm either outside with my family, enjoying a decade-old video game, or playing drums or piano.

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2018 12 > Microsoft issues patch for Internet Explorer vulnerability found by Google

Sam Medley, 2018-12-20 (Update: 2018-12-20)

Microsoft issues patch for Internet Explorer vulnerability found by Google

Source(s)

Related Articles