Jump to content

Microsoft Security Advisory for Remote Code Execution Vulnerability in IE

Corrine

By Corrine
in Security & Networking

 Share

Recommended Posts

Corrine

Corrine

Posted
Posted

Microsoft released Security Advisory ADV200001 for a remote code execution vulnerability with limited active attacks in Internet Explorer.  The issue is described as the way that the scripting engine handles objects in memory in Internet Explorer. As described in the advisory:

 

The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

 

In the event you use Internet Explorer, it is strongly advised that you follow the instructions at the bottom of the Advisory to restrict access to JScript.dll as a workaround.

 

Security Advisory ADV200001

 

  • Like 1
  • Thanks 1
securitybreach

securitybreach

Posted
Posted

Why is IE still around anyway?

zlim

zlim

Posted
Posted

Because 27% of the world is still on Windows 7 and that browser is included with Windows 7. Eventually MS is coming up with Edge for Win 7. Too bad they didn't do this while Win 7 was still being patched.

Companies can pay for Win 7 patches for up to 3 more years.

securitybreach

securitybreach

Posted
Posted

Yeah but why is it still included in Windows 10?

goretsky

goretsky

Posted
Posted

Hello,

Access to legacy line of business apps by corporate customers which they cannot replace due to budgetary reasons (no longer have source code or people who understand it and would have to rebuild from scratch, etc.).  When in discussions by Microsoft, they explains, "Well, if IE is deprecated, we will continue using the last version of Windows that supports it."  While that would not be a huge cut into enterprise software licensing revenues, it would be a noticeable and measurable one.  That, in conjunction with having dela with reports of loss of or a stall in Windows 10's marketshare, would affect the company's stock price

 

So, that's why IE is still present in Windows.

 

Regards,

 

Aryeh Goretsky

 

  • Like 2

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...