Security News

An Internet Explorer 11 zero-day vulnerability used against security researchers, not yet fixed by Microsoft, today received a micropatch that prevents exploitation. An MHT file, or MIME HTML, is a special file format used by Internet Explorer to store a web page and its resources in a single archive file.

An Internet Explorer 11 zero-day vulnerability used against security researchers, not yet fixed by Microsoft, today received a micropatch that prevents exploitation. An MHT file, or MIME HTML, is a special file format used by Internet Explorer to store a web page and its resources in a single archive file.

Today, Microsoft is taking further steps to kill off Internet Explorer in Windows 10 by removing support for Microsoft Teams. As part of this plan, Microsoft is no longer supporting Microsoft Teams in Internet Explorer starting on November 30th, 2020.

Microsoft is taking further steps to kill off the antiquated Internet Explorer in favor of its new Chromium-based Microsoft Edge browser. Starting in recent versions of Microsoft Edge, when Internet Explorer visits an incompatible site, the browsing session will automatically be launched in Microsoft Edge to continue the browsing session.

Microsoft says that customers can now disable JScript execution in Internet Explorer 11 after installing the Windows October 2020 monthly security updates. "Blocking Jscript helps protect against malicious actors targeting the JScript scripting engine while maintaining user productivity as core services continue to function as usual," Microsoft explains.

The latest series of Patch Tuesday security updates for Windows 10 includes patches for 17 bugs marked 'Critical' and 97 listed as 'Important'. Microsoft has issued fixes for 120 vulnerabilities - including two zero-day exploits - in its latest Patch Tuesday security update for Windows 10.

ACROS Security's 0patch service on Tuesday released an unofficial fix for CVE-2020-0674, a recently disclosed vulnerability in Internet Explorer that has been exploited in targeted attacks. Microsoft informed customers last Friday that Internet Explorer is affected by a zero-day vulnerability.

Microsoft says it's prepping a patch to fix a memory corruption flaw in multiple versions of Internet Explorer that is being exploited by in-the-wild attackers. The flaw, which exists in a scripting engine built into Internet Explorer, could be exploited by attackers to remotely execute code of their choosing, Microsoft says.

Microsoft announced on Friday that it's in the process of developing a patch for a zero-day vulnerability in Internet Explorer that has been exploited in targeted attacks, reportedly by a threat group tracked as DarkHotel. According to Microsoft, the vulnerability can be exploited for remote code execution in the context of the targeted user.

Microsoft let slip on Friday an advisory detailing an under-attack zero-day vulnerability for Internet Explorer. In brief... A poorly configured Elasticsearch database left an app's baby photos and videos accessible from the public internet.