BT

InfoQ Homepage News Critical Flaw Allows Remote Code Execution on Internet Explorer

Critical Flaw Allows Remote Code Execution on Internet Explorer

Bookmarks

There exists a critical flaw in Internet Explorer that is currently vulnerable to exploit.  Microsoft has released a security advisory marked “critical” which is the highest risk according to their rating system.  The flaw is triggered when a user opens a web page containing the exploit.  IE is then taken advantage of and the exploit is able to run arbitrary code at the same level of the user, which in many cases on Windows is at the Administrator level. 

Microsoft has made security update 3081444 available to patch this flaw.  The company reports that this flaw is being targeted by exploits in the wild, but provided no further details of what specific attacks are being taken.

This flaw affects all supported versions of Internet Explorer 7 and higher.  (This is not to say prior versions of IE are not supported, just that they are not patched by this advisory.)  The systems affected by this vulnerability include Internet Explorer 11 running on Windows 10 and those running Windows Server Technical Preview.

According to Microsoft, users should install security update 3078071 (released August 11, 2015) before applying this update.  A knowledge base article has been provided as a companion to Microsoft Security Bulletin MS15-93.  To update their system and correct the flaw, users can use Windows Update or the aforementioned security bulletin to download a patch for their specific system.

Rate this Article

Adoption
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

BT

Is your profile up-to-date? Please take a moment to review and update.

Note: If updating/changing your email, a validation request will be sent

Company name:
Company role:
Company size:
Country/Zone:
State/Province/Region:
You will be sent an email to validate the new email address. This pop-up will close itself in a few moments.