قالب وردپرس درنا توس
Home / Technology / Microsoft Issues Emergency Fix for IE Zero Day – Krebs on Security

Microsoft Issues Emergency Fix for IE Zero Day – Krebs on Security



Microsoft has today released an emergency software package to connect a critical security hole in its Internet Explorer (IE) browser that the attackers already use to break into Windows ] computers

The software giant said it learned about the weakness ( CVE-2018-8653 ) after receiving a report from Google about a new vulnerability used in targeted attacks. Satnam Narang Senior Scientist at Tenable said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 1

0, as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

"When the error is actively exploited in nature, users are encouraged to update their systems as soon as possible to reduce the risk of compromise," said Narang.

According to a little sparse advice about the patch, malware or attackers can use the failure to break into Windows computers by getting a user to visit a hacked or booby-caught site. An attacker can then install programs; view, change or delete data; or create new accounts with full user privileges.

Microsoft states that users who have Windows Update enabled and have used the latest security updates are automatically protected. Windows 10 users can manually check for updates in this way; Instructions on how to do this for earlier versions of Windows are here.

Tags: CVE-2018-8653, google, Microsoft IE null day, Satnam Narang, Tenable

You can jump to the end and leave a comment. Pinging is currently not allowed.


Source link