A zero-day vulnerability in internet explorer is being exploited

The Microsoft Security Response Center has announced the existence of a zero-day vulnerability in Internet Explorer that is currently being actively used by cybercriminals to carry out various attacks. The ruling, named CVE-2020-0674, has not yet received a patch, although the firm says it is working on it.

A zero-day vulnerability in Internet Explorer is being exploited

As you may have learned, this is a vulnerability found in the way the scripting engine handles objects in memory within the signature browser.

Security breach

Due to this vulnerability, an attacker could corrupt memory to execute code maliciously. If an attacker were to successfully exploit this vulnerability, they could obtain the same permissions as the user, who owns the computer. So if the user is logged in as administrator, the attacker will also have those permissions. What could make it take control of the system.

This means that a cybercriminal can even create a site specially designed to exploit the vulnerability through Internet Explorer. As reported by the company, all versions of Windows are affected by this failure. Although in some cases it is considered a moderate failure, although it is something serious that they seek to solve this error as soon as possible.

Microsoft has confirmed that it is aware of the existence of some attacks that have attempted to exploit this flaw in Internet Explorer. The company has said to work on a solution, although we don't know yet when it will be launched. What is not known is if it will wait for next month and will be released with the rest of the patches or if it will be released in advance due to these problems.

Softpedia font