Microsoft Fixes Internet Explorer – The tech giant Microsoft has recently accepted that Internet explorer is being affected by a security bug. Hackers are currently using it. But, Microsoft has not taken it. The Homeland Security division, US-CERT, tweeted about the whole matter.
The US-CERT is accountable for reporting any major security-related flaws to the higher authorities. The tweet had a link to a security advisory wherein the details about the bug discussed. The bug mentioned being exploited by the wild.
Microsoft Fixes Internet Explorer
Microsoft has told us that all the associated Windows versions are equally under the effects of the bug. Windows 7 also included in those affected versions. A bad thing about the situation with Windows 7 is that it will not receive any updates on security from now on.
The flaw had majorly targeted the memory storage of Windows. A hacker can very neatly use the flaw for his benefit. A hacker can use the flaw to run dangerous codes on an affected device.
They can easily trick everyday users. For example, they can send a malicious code disguised as a search query or an email. So, when user clicks on it, their device will also get affected.
The bug’s main motive is to allow the hacker to corrupt the scripting engine memory. It mainly used in IE9, IE10, and IE 11. It will give an upper hand to the hackers. They will be able to interfere with the system. It will allow the hacker to run malicious codes and get permission similarly as the user.
The Mozilla Firefox browser has also faced similar flaws recently. So, both the companies Microsoft and Mozilla gave Qihoo 360 a responsibility. Qihoo 360 is a research team for security-related matters. It is a China-based team. So, Qihoo 360 appointed by Microsoft and Mozilla to find and fix the bug.
It supposed under active attack conditions. In line with the ongoing matter, Qihoo 360 recently deleted a tweet from its official account. The tweet was supposedly about the flaw in Internet explorer. But, no official announcement has made yet.
Internet Explorer Security Flaw
Neither Microsoft nor Mozilla or Qihoo360 has said anything about the flaw. There are several questions left unanswered. Like who is conducting suck attacks? Who is the target? How much damage could it cause? No answer is available.
A warning also issued by the unit of cybersecurity advisory of the government of the U.S.A. They warned everyone to be alert about the ongoing exploitation. To not fall prey to any doubtful or lucrative things.
In an interview with a magazine, Microsoft told its side of the situation. They clarified that they were aware of the bug. Also, they knew about the specific target attacks of the virus.
They also said they were working on to fix the bug. But they can not release a new patch. At least not until their next security fix, which scheduled monthly, released and the security fix planned for the 11th of February 2020.
Microsoft uses a universal identifier for the vulnerability. CVE-2020-0674 a the collective security identifier for the vulnerability. No official statement regarding the bug specific details.
The flaw is a weak spot in the system. Anyone with wrong intentions can misuse the fault if they get the possession of the defect; they will attack ordinary users and also their system.
The spokesman for Microsoft did not respond to the questions about the flaw and its fixing. Hackers are aptly misusing the process of subjecting to the vulnerability of the system. Various versions of Windows are the targets of the actual action.