Serious Internet Explorer Security Flaw Patched

 
 

A serious security vulnerability in Internet Explorer could let attackers run malicious code via a memory handling bug. A small number of cases of active use have been confirmed.

The bug was initially reported mid-January, 2020 and affects Windows 7, Windows 8.x, Windows 10, and Windows Server 2008 and 2012.
The flaw, labelled CVE-2020-0674, is marked with severity ‘Critical’ for Windows 7, 8.x and 10.

Microsoft warns

An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.

Microsoft released a series of updates for systems at risk on February 11, 2020 as part of the monthly ‘Patch Tuesday’.

As of January 14, 2020, Windows 7 is no longer supported. This includes the Internet Explorer 11 browser.

We strongly advise using Windows 10 with an alternative browser such as the latest Chromium-based Microsoft Edge, Firefox, or Chrome.

Need Help with Windows?

For this or other issues with Windows and Microsoft services, the Method IT team is here to help! Founded in Tokyo in 2004, we are a registered Microsoft Partner and offer fast and friendly English-Japanese bilingual support from native speakers.
Feel free to open a support ticket below to get in touch with one of our specialists!

Follow us for news on Windows 10, Office 365, and other Microsoft solutions

More Microsoft News ›