Microsoft released the patch to fix an Internet Explorer 0-day vulnerability
Microsoft has just released the latest security updates to all supported versions of Windows, which are mainly used to fix IE browser remote code execution vulnerabilities.
This update was received in Windows 10, Windows 8.1, Windows 7, Windows Server 2008 R2, Server 2019. Patch update numbers include: KB4483235 / 4483234 / KB4483232 / KB4483230 / KB4483229 / KB4483228.
CVE-2018-8653 Memory Corruption Vulnerability
This vulnerability is located in the IE browser’s scripting engine, which can be exploited by an attacker to execute malicious code that corrupts memory and performs authorization when the user operates.
If a user logs in with a normal account, the attacker can successfully obtain the same authority. If the administrator logs in, the entire system can be completely controlled.
In a network attack environment, an attacker can create a specific web page for this vulnerability, such as phishing emails to induce users to access the web page for attacks. Once the goal is achieved, the attacker can execute code on the computer, such as downloading malware, scripts, or executing any commands that the currently logged in user can access.
Download the patch: