Jump to content

Emergency IE Patch Fixes Vulnerability Under Attack


Recommended Posts

I checked just now and in addition to an IE out of cycle patch I was offered three important patches and 8 optional updates. I installed all three on our two tablets with Windows 8.1 Looks fine. I'll do the two Windows 7 laptops next. Our Desktops are stored until we can move into the house.


This is being exploited in the wild now.




"Microsoft today released an emergency patch for all supported versions of Internet Explorer, including IE 11 running on the recently released Windows 10.


Microsoft said in its advisory that the zero-day is being publicly exploited. Google security engineer Clement Lecigne is credited with reporting the issue. A request for comment to Lecigne was not returned in time for publication.


The vulnerability, CVE-2015-2502, enables remote code execution, Microsoft said in bulletin MS15-093.


“This vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” Microsoft said, adding that a successful exploit would enable a hacker to install additional malicious programs, modify data on the compromised system or create new accounts.


“The update addresses the vulnerability by modifying how Internet Explorer handles objects in memory,” the advisory said.


See more at: https://threatpost.com/emergency-ie-patch-fixes-vulnerability-under-attack/114342#sthash.EhMZz9VN.dpuf




Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

This topic is now closed to further replies.
  • Create New...