Microsoft has released an emergency update for Internet Explorer
Microsoft has released an emergency update MS15-093 for all versions of its Internet Explorer 7-11 web browser. The update closes the critical vulnerability CVE-2015-2502 in the HTML web browser engine mshtml.dll on all operating systems from Windows Vista SP2 to Windows 10. The vulnerability is of type Remote Code Execution (RCE) and is already used by attackers to install malware using 0day exploit (drive-by download).
The vulnerability does not allow attackers to bypass the IE11 security setting called Advanced Protected Mode ( EPM ), which makes the tab process work at a low privilege level. In addition, exploit activities can also be blocked by an active EMET .
')
We recommend that Windows users install the appropriate update; for Windows 10, this operation happens automatically.
be secure.
The vulnerability does not allow attackers to bypass the IE11 security setting called Advanced Protected Mode ( EPM ), which makes the tab process work at a low privilege level. In addition, exploit activities can also be blocked by an active EMET .
')
We recommend that Windows users install the appropriate update; for Windows 10, this operation happens automatically.
be secure.
Source: https://habr.com/ru/post/265055/
All Articles