Corrine 2,663 Posted January 17 Microsoft released Security Advisory ADV200001 for a remote code execution vulnerability with limited active attacks in Internet Explorer. The issue is described as the way that the scripting engine handles objects in memory in Internet Explorer. As described in the advisory: The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In the event you use Internet Explorer, it is strongly advised that you follow the instructions at the bottom of the Advisory to restrict access to JScript.dll as a workaround. Security Advisory ADV200001 1 1 Share this post Link to post Share on other sites
securitybreach 10,974 Posted January 18 Why is IE still around anyway? Share this post Link to post Share on other sites
zlim 1,199 Posted January 18 Because 27% of the world is still on Windows 7 and that browser is included with Windows 7. Eventually MS is coming up with Edge for Win 7. Too bad they didn't do this while Win 7 was still being patched. Companies can pay for Win 7 patches for up to 3 more years. Share this post Link to post Share on other sites
securitybreach 10,974 Posted January 18 Yeah but why is it still included in Windows 10? Share this post Link to post Share on other sites
goretsky 1,163 Posted January 19 Hello, Access to legacy line of business apps by corporate customers which they cannot replace due to budgetary reasons (no longer have source code or people who understand it and would have to rebuild from scratch, etc.). When in discussions by Microsoft, they explains, "Well, if IE is deprecated, we will continue using the last version of Windows that supports it." While that would not be a huge cut into enterprise software licensing revenues, it would be a noticeable and measurable one. That, in conjunction with having dela with reports of loss of or a stall in Windows 10's marketshare, would affect the company's stock price So, that's why IE is still present in Windows. Regards, Aryeh Goretsky 2 Share this post Link to post Share on other sites
