Navigation
Recherche
|
Microsoft issues emergency update to fix critical IE flaw under active exploit
jeudi 20 décembre 2018, 03:00 , par Ars Technica
Enlarge (credit: Microsoft)
Microsoft has issued an emergency update that fixes a critical Internet Explorer vulnerability that attackers are actively exploiting on the Internet. The memory-corruption flaw allows attackers to remotely execute malicious code when computers use IE to visit a booby-trapped website, Microsoft said Wednesday. Indexed as CVE-2018-8653, the flaw affects all supported versions of Windows. The vulnerability involves the way Microsoft's scripting engine handles objects in memory in Internet Explorer. In a separate advisory, Microsoft said the vulnerability is being used in targeted attacks, but the company didn't elaborate. Microsoft credited Clement Lecigne of Google's Threat Analysis Group with discovering the vulnerability. No other details were available about the vulnerability or exploits at the time this post was being reported. Read 1 remaining paragraphs | Comments
https://arstechnica.com/?p=1431145
|
56 sources (32 en français)
Date Actuelle
ven. 22 nov. - 04:47 CET
|