Microsoft to fix an active security flaw in Internet Explorer

Microsoft, the renowned American tech giant, reportedly verified the presence of a security flaw that is affecting Internet Explorer (IE) and is being used by hackers. The company also said it is working to find a fix for this bug, which would be released later.

The tech giant further stated that all the supported Windows versions are affected by this bug, which also includes Windows 7. Also, Windows 7 won’t receive any security updates after the end of the week.

The problem was found in the way Internet Explorer manages memory. A hacker might use this flaw to remotely run malicious code over an affected computer, like tricking a computer user to open a malicious website through a link sent by email or from the search query.

The security flaw is said to be one that is the same as the vulnerability disclosed by Mozilla recently in its Firefox browser. Both Mozilla and Microsoft credited Qihoo 360, a Chinese security research team, with discovering flaws under active attack. Previously in the week, the Chinese security team reportedly deleted a tweet regarding a similar defect in Internet Explorer.

Neither Microsoft, Mozilla nor Qihoo elaborated how cybercriminals were exploiting the security bug, who were the attackers, or who was targeted. The cybersecurity advisory unit of the U.S. government also issued a warning regarding current exploitation.

Microsoft stated that it was aware of the limited targeted cyber-attacks and was also working towards a fix. The company also said that it is unlikely to launch a patch till its next round of security fixes of each month, which is scheduled for 11th February.

Reports cite, Microsoft Office products have been the most commonly exploited software by cyber-criminals across the world. About 73 percent of total cyber exploits were conducted in MS Office products during 2019’s third quarter.

After MS office products, browsers were the most exploited applications by attackers with 13.47 percent of overall exploitation followed by Android with 9.09 percent, Adobe Flash with 1.57 percent, Java with 2.36 percent exploitation, and PDF with 0.66 percent.

 

Source credit: https://techcrunch.com/2020/01/18/internet-explorer-security-flaw/