Google Chrome and Firefox might be the most popular web browsers, but a small percentage of Windows users are still depending on Microsoft’s older Internet Explorer browser. If that covers you, then Microsoft is now urging you to install an emergency patch as soon as possible in order to avoid possible malicious attacks from hackers.
This latest patch corrects an issue with Internet Explorer 9 and 11 in Windows 7, 8.1, and Windows 10 and also Windows Server. Before the patch, hackers could have directed Internet Explorer users to a malicious website, which is able to exploit the scripting engine of the browser. This would have allowed hackers to execute their own code, and eventually, take full control of a victim’s PC.
To download this latest patch, you should open Windows Update and click on “Check for Updates.” It should then install automatically, without any issue. More technical users can also install by manually choosing their version of Windows from a chart on Microsoft’s Security Update guide website. This will then redirect to the Microsoft Update Catalog, where the patch can then be downloaded and eventually installed by double-clicking it and following the on-screen instructions.
“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory,” explained Microsoft.
Known as an “Out-of-Band” update, is relatively rare for Microsoft to issue such a patch outside of the “Patch Tuesday” when it typically releases security updates for Windows and other software. The U.S. federal government also issued a warning, right alongside Microsoft, urging users to update with today’s patches to avoid infection.
However, similar updates have been released in the past. Earlier this year, Microsoft was also urging users to update Windows after it found two issues in the operating system. The company had then patched two critical remote code execution (RCE) “wormable” vulnerabilities, which could have allowed hackers to spread malware to the victim and also other PCs without their explicit knowledge.