Microsoft IE browser vulnerability affects all Windows versions
Microsoft has warned Internet Explorer users of a "critical" security vulnerability that affects every user of Microsoft's IE Web browser on its Windows operating system. The security flaw, which is actually native to all versions of Windows OS till date -- including Server editions -- only kicks in through Internet Explorer. Still loyal to your Internet Explorer Web experience?
But to be fair to Microsoft, the company did issue a quick security advisory to fix the Windows flaw. The post details how the Windows vulnerability kicks in. Microsoft said that it "is aware of published information and proof-of-concept code that attempts to exploit this vulnerability."
On Microsoft's Security Response Center website, Angela Gunn also wrote on how the Windows vulnerability kicks in through Internet Explorer. "For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session."
This opens up the possibility of the affected Windows PC to be hijacked and Internet Explorer browser sessions being redirected to fake websites to steal users' personal data.
But Microsoft insisted that it "has not seen any indications of active exploitation of the vulnerability."
While Microsoft races against the clock to plug the Windows hole permanently, for Windows users -- especially those using Internet Explorer -- it has issued a patch to temporarily fix the security flaw.
Microsoft has warned Internet Explorer users of a "critical" security vulnerability that affects every user of Microsoft's IE Web browser on its Windows operating system. The security flaw, which is actually native to all versions of Windows OS till date -- including Server editions -- only kicks in through Internet Explorer. Still loyal to your Internet Explorer Web experience?
But to be fair to Microsoft, the company did issue a quick security advisory to fix the Windows flaw. The post details how the Windows vulnerability kicks in. Microsoft said that it "is aware of published information and proof-of-concept code that attempts to exploit this vulnerability."
On Microsoft's Security Response Center website, Angela Gunn also wrote on how the Windows vulnerability kicks in through Internet Explorer. "For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session."
This opens up the possibility of the affected Windows PC to be hijacked and Internet Explorer browser sessions being redirected to fake websites to steal users' personal data.
But Microsoft insisted that it "has not seen any indications of active exploitation of the vulnerability."
While Microsoft races against the clock to plug the Windows hole permanently, for Windows users -- especially those using Internet Explorer -- it has issued a patch to temporarily fix the security flaw.
No comments:
Post a Comment