Critical Vulnerability Exposed in Internet Explorer 10 and 9: Microsoft Issues Emergency Patches
In a recent development, Microsoft has confirmed the existence of a critical zero-day vulnerability in Internet Explorer 10 (IE10) and Internet Explorer 9 (IE9). The vulnerability, identified as CNNVD-201402-209, has been exploited in attacks against users of these browsers.
According to Microsoft, if a user visits a malicious website using the affected browser, the vulnerability can allow remote code execution, enabling an attacker to execute malicious code on the user’s system. This can be triggered by a user clicking on a malicious link in an email or instant messaging platform.
In response to this critical vulnerability, Microsoft has released a hotfix patch to block the two loopholes in IE9 and IE10. However, users of older browser versions will not be affected by this issue, and Internet Explorer 11 (IE11) is also not vulnerable.
To mitigate this risk, Microsoft recommends that users running Windows 7, 8, or 8.1 upgrade their browser to Internet Explorer 11. Additionally, the company plans to release a permanent security patch as part of its next “Patch Tuesday” (Patch Tuesday) update.
Key Details
- Affected Browsers: Internet Explorer 10 (IE10) and Internet Explorer 9 (IE9)
- Vulnerability ID: CNNVD-201402-209
- Risk: Remote code execution, enabling an attacker to execute malicious code on the user’s system
- Patch Availability: Hotfix patch available for IE9 and IE10
- Recommendation: Upgrade to Internet Explorer 11 for Windows 7, 8, or 8.1 users
By taking proactive measures to address this critical vulnerability, users can protect themselves from potential attacks. Microsoft’s prompt response and patch release demonstrate the company’s commitment to ensuring the security of its users.