Shulou(Shulou.com)05/31 Report--

On Monday, Microsoft warned users of a high-risk vulnerability in popular Internet Explorer that allows attackers to take over your computer, install and uninstall programs on your computer, view, change or delete data, and even create new accounts with full user privileges.

According to a security bulletin issued by Microsoft, the root cause of this vulnerability is the way the scripting engine (Scripting Engine) handles objects in memory. Specifically, a remote code execution vulnerability exists in the script engine in Internet Explorer when processing objects in memory, which destroys memory in this way, and an attacker can then execute arbitrary code in the context of the current user.

An attacker who successfully exploits this vulnerability can gain the same user privileges as the current user, and if the current user logs in with administrator user privileges, the attacker can take control of the affected system. The attacker will then install and uninstall programs on your computer, view, change or delete data, or even create a new account with full user privileges.

In a Web-based attack scenario, an attacker may have a special website designed to exploit this vulnerability through Internet Explorer, and then induce users to view the site (for example, by sending phishing emails).

Although Microsoft has released security updates, it has addressed this vulnerability by modifying the way the scripting engine handles objects in memory. But Microsoft once again reminded users to give up the obsolete browser. In February, Microsoft security researchers urged users to stop using IE as the default browser. Later, in April, we learned that even installing Internet Explorer on a computer or even not using it is a security risk.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.