Still using Internet Explorer? Hackers could take over your PC without this patch

Microsoft issues emergency fix for IE as it tries to shift customers onto Edge browser

Internet Explorer

As Microsoft customers debate over whether to upgrade to Windows 10 and its brand new browser, Edge, the company has been forced to patch for a critical Internet Explorer bug.

The emergency fix was published outside of Redmond's usual Patch Tuesday monthly schedule, and seeks to fix a zero-day vulnerability affecting IE7 through to IE11 that allows hackers to remotely control PCs.

Dubbed CVE-2015-2502, the exploit would enable cyber criminals to perform remote code execution issuing commands for a PC remotely if a user is directed to malicious websites hosting specially crafted webpages.

Lane Thames, software development engineer and security researcher at cybersecurity firm Tripwire, said: "This memory corruption vulnerability exists because IE does not properly manage certain objects in memory."

All a user needs do is visit the malicious webpages, with no further action required to trigger the bug.

Security blogger Graham Cluley explained in a Tripwire blog post: "Once a computer has been successfully compromised, the attacker would have the same user rights as the current user meaning that if you are logged in with admin rights, the hacker could take complete control of your PC."

The vulnerability is rated critical for Windows non-Server operating systems, but only moderate for Windows Server platforms including Server 2008, 2008 R2, Server 2012 and 2012 R2.

While Windows 10 browser Edge is not affected by the bug, it is rated as critical for users of IE11 on the 32-bit and 64-bit versions of Windows 10.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

How to factory reset Windows 10
operating systems

How to factory reset Windows 10

4 Mar 2020
SonicWall hacked via zero-day flaw in remote access tools
Security

SonicWall hacked via zero-day flaw in remote access tools

25 Jan 2021
Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021
Hackers publish over 4,000 files stolen from SEPA in ransomware attack
Security

Hackers publish over 4,000 files stolen from SEPA in ransomware attack

22 Jan 2021

Most Popular

How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
WhatsApp could face €50 million GDPR fine
General Data Protection Regulation (GDPR)

WhatsApp could face €50 million GDPR fine

25 Jan 2021
Trump pardons convicted ex-Google engineer Levandowski
intellectual property

Trump pardons convicted ex-Google engineer Levandowski

20 Jan 2021