Microsoft releases security patch for IE

We’re sorry, this feature is currently unavailable. We’re working to restore it. Please try again later.

Advertisement

This was published 14 years ago

Microsoft releases security patch for IE

Updated

Microsoft has released a security patch aimed at preventing hackers from exploiting a vulnerability in its web browser, Internet Explorer.

The US software giant said the security update would be automatically installed for Internet Explorer users who have automatic updating enabled on their computers but would need to be installed manually by other users.

It said the update, released on Tuesday, resolves three privately reported vulnerabilities in Internet Explorer.

"These vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer," Microsoft said.

It said the security patch "addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory and table operations."

Microsoft said an attacker could exploit the vulnerability by constructing a specially crafted web page.

"When a user views the web page, the vulnerability could allow remote code execution," it said. "An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user."

"If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system," it said.

Microsoft said the security update was considered "critical" for users of certain versions of Internet Explorer running on Windows 2000 and Windows XP operating systems.


Most Viewed in Technology

Loading