Microsoft has officially opened the era of the new Edge, but that doesn't mean that of Internet Explorer has come to an end, with all that follows. The Redmond team has announced that it has discovered a new one vulnerability (CVE-2020-0674) in versions 9, 10 and 11 of the browser. The work necessary to remedy it has already been started by releasing an update to solve the problem.
New vulnerability for Internet Explorer
The flaw is able to allow an attacker to compromise the portion of memory used for the management of the scripting engine so as to be able to execute code with the same permissions attributed to the user. It is not difficult to imagine what i am dangers for the computer and for the data it contains. A problem with a nature that is not too different from that which led Mozilla to release a corrective update for Firefox last week.
A vulnerability so serious that the Cybersecurity and Infrastructure Security Agency has published a notice dedicated, suggesting some methods to remedy it at least temporarily, including partial or total blocking of access to the file jscript.dll. It is possible that the official fix may have to wait almost a month, until the next Patch Tuesday scheduled for February 11th.
In his speech, Microsoft claims to be aware of some attacks carried out precisely by forcing the flaw in question. To date, Internet Explorer is still present on 1.57% of the devices in circulation (source StatCounter), considering both desktop and mobile platforms.