image credit: flickr

Microsoft issues patch for Internet Explorer zero-day

September 24, 2019

Via: TechSpot

Yesterday, Microsoft published CVE-2019-1367, a remote code execution vulnerability that exists in the way that the scripting engine handles objects in memory in Internet Explorer.

The vulnerability, discovered by Clément Lecigne of Google’s Project Zero Threat Analysis Group, is present in every version of Internet Explorer for Windows 7, 8.1, and 10. Microsoft writes that “The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”

What’s especially concerning is if a target is logged in with administrative rights.

Read More on TechSpot