Google found a vulnerability in the Internet Explorer that allowed attackers to gain broad access to computer systems. Microsoft had to hurry up and release an emergency update to fix the cybersecurity flaw.
The vulnerability in the browser allowed an attacker to execute an arbitrary code which could potentially give him user rights as the current user. If the user was logged on as an admin, the attacker could take control of the system using the vulnerability. With Admin privileges, an attacker could then install programs, view, and change or delete data and even create new accounts with full user rights.
The released security update addressed the vulnerability by implementing some changes on how the scripting engine handles objects in memory. Microsoft calls its latest update CVE-2018-8653.
Microsoft in its post said that security researchers at Google and Department of Homeland Security detected cybercriminals using the flaw present in several versions of the popular Internet Explorer. The post further said that “customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We encourage customers to turn on automatic updates.” The post also thanked Google for its assistance.