Last week Microsoft released an emergency fix to address holes in the security of Internet Explorer. The repair was published outside of the usual patch schedule, which shows just how urgent the security issue is and the threat it poses to users.
The fix targets zero-day vulnerability affecting IE7 through to IE11, and allows hackers to control PCs remotely.
The bug has been named CVE-2015-2502 and enables hackers to perform remote code execution when victims find themselves on a malicious site.
Lane Thames of Tripware explained that memory corruption vulnerability exists because “Internet Explorer does not manage certain objects within its memory to a high enough standard.”
Simply visiting the malicious site will active the bug, leaving complete control of the users’ computer in the hands of the hacker, with entire admin rights.
While the bug does not affect the Windows 10 browser, Edge, it is rated as critical for users of IE11 on the 32-bit and 64-bit versions of Windows 10. It is important that you install this update to minimise chance of a data breach.
If you are at all concerned about your current browser, please do not hesitate to get in touch today – call 0800 9520652 or email firstname.lastname@example.org.