Date:21/01/20
Following the reveal of a major security flaw in Internet Explorer that is currently being exploited by hackers, Microsoft has confirmed its existence though the software giant has no immediate plans to release a patch to fix it.
The security flaw in the company's legacy browser was first disclosed by a division of Homeland Security called US-CERT, that reports on major security flaws, in a tweet which contained a link to a security advisory concerning the bug. According to the advisory, the vulnerability has already been “detected in exploits in the wild”.
All supported versions of Windows, including Windows 7 which will no longer receive security updates, are affected by the flaw according to Microsoft.
Microsoft begs users to stop using Internet Explorer;
Microsoft Edge has a new logo to help you forget about Internet Explorer;
Also check out the best browser of 2020.
The vulnerability concerns how Internet Explorer handles memory and an attacker could leverage the flaw to remotely run malicious code on an affected computer. It also bears a striking resemblance to a similar vulnerability that was recently disclosed by Mozilla.
The Chinese security research team Qihoo 360 was the first to find the security flaw being used by attackers in the wild. However, the research team, Microsoft and Mozilla do not yet know which attackers are exploiting the flaw, how they're doing it or who they're targeting.
The security flaw appears to be serious enough that even the US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding it, which reads:
“The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Advisory ADV20001 and CERT/CC's Vulnerability Note VU#338824 for more information, implement workarounds, and apply updates when available. Consider using Microsoft Edge or an alternate browser until patches are made available.”
Microsoft is currently working on a fix for the issue but a patch likely won't arrive until the company's next round of monthly security fixes which is scheduled for February 11.
Internet Explorer has a major security flaw, but Microsoft cant patch it yet
Following the reveal of a major security flaw in Internet Explorer that is currently being exploited by hackers, Microsoft has confirmed its existence though the software giant has no immediate plans to release a patch to fix it.The security flaw in the company's legacy browser was first disclosed by a division of Homeland Security called US-CERT, that reports on major security flaws, in a tweet which contained a link to a security advisory concerning the bug. According to the advisory, the vulnerability has already been “detected in exploits in the wild”.
All supported versions of Windows, including Windows 7 which will no longer receive security updates, are affected by the flaw according to Microsoft.
Microsoft begs users to stop using Internet Explorer;
Microsoft Edge has a new logo to help you forget about Internet Explorer;
Also check out the best browser of 2020.
The vulnerability concerns how Internet Explorer handles memory and an attacker could leverage the flaw to remotely run malicious code on an affected computer. It also bears a striking resemblance to a similar vulnerability that was recently disclosed by Mozilla.
The Chinese security research team Qihoo 360 was the first to find the security flaw being used by attackers in the wild. However, the research team, Microsoft and Mozilla do not yet know which attackers are exploiting the flaw, how they're doing it or who they're targeting.
The security flaw appears to be serious enough that even the US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding it, which reads:
“The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s Advisory ADV20001 and CERT/CC's Vulnerability Note VU#338824 for more information, implement workarounds, and apply updates when available. Consider using Microsoft Edge or an alternate browser until patches are made available.”
Microsoft is currently working on a fix for the issue but a patch likely won't arrive until the company's next round of monthly security fixes which is scheduled for February 11.
Views: 362
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
