MENU
Attacks against Internet Explorer

EMERGENCY PATCH: ATTACKS AGAINST INTERNET EXPLORER

September 26, 2019 • Software & Security

An update closes a critical hole in Internet Explorer – but it is not yet available through Windows Update. Also Windows Defender gets a patch.

Currently, attackers target users with Windows computers using Internet Explorer. If an attack is successful, the execution of malicious code is conceivable. A security patch is available but does not have Windows Update.

For a successful attack, attackers only have to lure victims onto a crafted website. The visit triggers the “critical” vulnerability (CVE-2019-1367) in the memory manager (Scripting Engine), which results in a memory corruption.

In addition, attackers could execute their own code on computers with the victim’s rights. If a victim has admin rights at the time of the attack, the attackers can take full control, Microsoft warns in a post.

Download the update manually

Affected by this are Internet Explorer 9, 10 and 11 in different versions of Windows. According to Microsoft, the update is not yet available through Windows Update at this time. Accordingly, you have to manually download and install it. Microsoft wants to distribute the security update only in October for Patchday over Windows Update.

If you can not install the patch right now, you should hedge your system with a workaround. How this works, Microsoft explains at the end of a contribution to the gap.

Another emergency update

Even Windows Defender gets a patch out of line. Vulnerability exploitation (CVE-2019-1255) can put the virus scanner in a DoS state. The update is considered important. For an attack to work, an attacker already needs access to a system, Microsoft says in a warning message. (of)

JOIN OUR NEWSLETTER
I agree to have my personal information transfered to MailChimp ( more information )
Join the numerous visitors who have subscribed to our newsletter on ICT News Africa from Tebudele.Com!
We hate spam. Your email address will not be sold or shared with anyone else.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

« »