DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
January 25, 2021 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 130 people online.

 

Latest Reviews
ASUS ROG Strix B450-F Gaming Motherboard
Sonos Move
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
 

Follow us
RSS
 

Actively exploited Internet Explorer bug will not be patched until February 11

Posted on Monday, January 20 2020 @ 11:07:55 CET by


MSFT
There's a zero day vulnerability (CVE-2020-0674) in Microsoft's Internet Explorer browser that is reportedly used for "limited targeted attacks." A vulnerability in the browser's scripting engine can result in memory corruption and allow an attacker to run arbitrary code.
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
The bug affects Internet Explorer 9, 10 and 11 on various supported versions of Windows. Despite the fact that the bug is actively exploited, Microsoft isn't planning to do an out-of-band update. The software giant explains on its website that a patch will be rolled out on February 11, the next Patch Tuesday. Mitigation techniques can be found at Microsoft's website. Alternatively, you can use a different browser like Chrome or Firefox.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2021 DM Media Group bvba