IE vulnerability allowing attackers to spot files on your disk got fixed

News

Reading time icon 3 min. read

Calendar icon Published on

by Milan Stanojevic 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Internet Explorer 11 Video playback problems Solved

A recent security update by Microsoft addressed an Internet Explorer‘s vulnerability that was initially discovered by Google’s Threat Analysis Group.

Microsoft described the vulnerability as “An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.”

Both both Internet Explorer 10 and Internet Explorer 11 that have been installed on a Windows 7, 8.1, and 10 machines are impacted as a result of this vulnerability.

How is this IE vulnerability harmful?

Anyone could have traced the presence of files that are stored on your disks if they successfully exploit this vulnerability. The attackers will have to fool the victim to visit a malicious website. That is the only way if the attackers want to be successful in their plans.

According to Microsoft, some major exploitation have been detected by the company where the attackers took advantage of this vulnerability. In order to fix this security issue, the recent security update has completely changed the way objects are being handled by Internet Explorer in the memory.

Trust me! This IE vulnerability was the worst among the total 77 security flaws that have been fixed by the Redmond giant as a result of the Patch Tuesday efforts. Some of these vulnerabilities were caused by programming blunders in Microsoft’s IE and Edge browsers. But, hey, to err is human, isn’t it?

Moreover, the hackers could have used an unprivileged mailbox account in order to get remote administrative control over the Exchange server as a result of an Exchange flaw. Apart from these two, the update also addressed vulnerabilities in Microsoft Dynamics, Visual Studio, Edge browser, and Office.

How to download the patch

You don’t need to manually download the update to get the security patch. The Patch Tuesday cycle already has delivered the monthly rollups for Windows 7 and Windows 8.1, along with cumulative updates for Windows 10. If you have not received the automatic update, you can manually check for updates in the Settings app.check for updates

It’s time to say goodbye to IE

Keep in mind that Microsoft has already warned users against using Internet Explorer. Stating the browser to be outdated, the tech giant suggested the users move on to the latest browser version as soon as possible.

It is worth mentioning that Microsoft is not the only software giant who has been the victim of the recent exploitations by hackers. You might not know that three iOS vulnerabilities have been patched by Apple last week. While unlike Microsoft, Apple simply avoided commenting on the issue.

RELATED STORIES TO CHECK OUT:

More about the topics: Cybersecurity, Internet Explorer Issues, windows 10 news

Milan Stanojevic

Milan Stanojevic Shield

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He's a PC enthusiast and he spends most of his time learning about computers and technology. Before joining WindowsReport, he worked as a front-end web developer. Now, he's one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.