Advertisement

Microsoft issues ‘critical’ warning for Internet Explorer zero-day

Microsoft issued a patch Tuesday to close a zero-day exploit in all supported versions of Internet Explorer.

Microsoft issued a patch Tuesday to close a zero-day exploit in all supported versions of Internet Explorer.

The patch, given a “critical” rating by the company, calls for updates to every supported Windows system, including Windows 10.

The exploit works by letting attackers exploit a memory flaw in IE, allowing for remote code execution that allows attackers to gain the same user rights as the current user. In other words, the higher up the admin chain a user sits, the more potential for damage inside a network.

The vulnerability, known as CVE 2015-2502, does not affect Microsoft Edge, the new browser packaged with Windows 10.

Advertisement

The flaw can be fixed via Windows update or by downloading a patch from the company. For more information, visit the security bulletin Microsoft released Tuesday.

Greg Otto

Written by Greg Otto

Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University.

Latest Podcasts