A serious security vulnerability in Internet Explorer could let attackers run malicious code via a memory handling bug. A small number of cases of active use have been confirmed.
The bug was initially reported mid-January, 2020 and affects Windows 7, Windows 8.x, Windows 10, and Windows Server 2008 and 2012.
The flaw, labelled CVE-2020-0674, is marked with severity ‘Critical’ for Windows 7, 8.x and 10.
Microsoft warns –
An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email.
Microsoft released a series of updates for systems at risk on February 11, 2020 as part of the monthly ‘Patch Tuesday’.
As of January 14, 2020, Windows 7 is no longer supported. This includes the Internet Explorer 11 browser.
We strongly advise using Windows 10 with an alternative browser such as the latest Chromium-based Microsoft Edge, Firefox, or Chrome.
Need Help with Windows?
For this or other issues with Windows and Microsoft services, the Method IT team is here to help! Founded in Tokyo in 2004, we are a registered Microsoft Silver Partner and offer fast and friendly English-Japanese bilingual support from native speakers.
Feel free to open a support ticket below to get in touch with one of our specialists!
Follow us for news on Windows 10, Office 365, and other Microsoft solutions
- Effective teleworking, tech, and health advice for difficult times plus need-to-know IT tips and headlines for March 2020.
- Shop for the latest laptops, desktops, network gear, peripherals, and software licenses in Japan with IT service addons. Plus the latest tech tips and news …
- Microsoft released an all-new, cross-platform version of the Edge browser via Windows Update and as a standalone app on January 15, 2020. Why so important? …
- The US National Security Agency (NSA) issued a rare warning about a vulnerability discovered in Windows 10 at a press conference on January 14, 2020.