Microsoft quietly pushed out an out-of-band (read: emergency) update to Internet Explorer today to thwart attacks that could let malicious websites install malware on Windows PCs.
"An attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email," a Microsoft security advisory (opens in new tab) said.
"If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability ... could then install programs; view, change, or delete data; or create new accounts with full user rights."
To make sure you're protected, run Windows Update. The vulnerability officially affects Internet Explorer 9, 10 and 11 on Windows 7, 8.1, 10 and supported server versions. If you're running older versions of IE, or older versions of Windows, it's time to upgrade.
MORE: Best Antivirus Software and Apps
Microsoft gave Google's Clement Lecigne credit (opens in new tab) for discovering the bug. Bleeping Computer reported that Google's Threat Analysis Group, for which Lecigne apparently works, had seen "the vulnerability being used in targeted attacks," but Microsoft didn't say anything about that in its security advisory or its associated support page (opens in new tab).
Whether this vulnerability is being actively exploited or not, it certainly will be once malware writers dissect the Microsoft update, figure out how to attack the flaw and add working malware into browser exploit kits. That will likely all be done within 24 hours, so patch your Windows system now -- or just avoid using Internet Explorer.
Image credit: Lucian Milasan/Shutterstock
Windows 10 Security and Networking
- Use the Windows 10 Parental Controls
- Find Your MAC Address
- Turn Your Windows PC into a Wi-Fi Hotspot
- Password Protect a Folder
- Create a Guest Account in Windows 10
- Enable Windows Hello Fingerprint Login
- Set Up Windows Hello Facial Recognition
- How to Restrict Cortana's Ever-Present Listening in Windows 10
- Automatically Lock Your PC with Dynamic Lock
- Blacklist Non-Windows Store Apps
- Find Saved Wi-Fi Passwords
- Set Up a Metered Internet Connection
- Use Find My Device
- Stream XBox One Games
- All Windows 10 Tips
- Map a Network Drive
- Create Limited User Accounts
- Set Time Limits for Kids
- Pin People to Your Taskbar