Latest news coming directly from the Microsoft’s website, which warns us for a serious flaw in Microsoft’s Internet Explorer browser which allows an attacker to impersonate known websites to steal user data.
Microsoft warned that the vulnerability had already been used in “limited, targeted attacks” against people and networks using Internet Explorer versions 6 to 11, which make up over a quarter of all web browsers.
One thing is also said from the Microsoft that till now none of the update released regarding this flaw, but said it would take “appropriate action” when it had completed its investigation.
“An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system,” the company said in a statement. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
How an attacker use this Flaw to HACK YOU:
Hacker has to tempt you on to a fake site, by “phishing”, using, for example, an email or an instant message with a link in it to be able to use the vulnerability, the company said.
Microsoft issued advice on its website on how IT departments could work around the vulnerability while it worked on a way to fix it.
Mostly these types of Vulnerability being used by the cyber criminals because they have never been used before, are becoming a favourite way for advanced cyber criminals to access corporate networks to steal intellectual property and customer data.
NOTE: Microsoft will eventually patch the drive-by bug in IE6, IE7 and IE8, then deliver those patches to PCs running Windows Vista and Windows 7, it’s likely that hackers will be able to uncover the flaw in the browsers’ code, then exploit it on the same browsers running on Windows XP.
UPDATE: Now, Microsoft has released security patch for Internet Explorer and the excited thing is- Update released even for Windows XP users!
Microsoft update:
We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11.
If you enabled settings for automatic update, then your computer will be updated automatically OR in-case you want to download that manually so, go HERE.
