Microsoft fixed zero-day vulnerability on IE browser
Earlier, Microsoft issued a security bulletin that revealed a zero-day vulnerability in Internet Explorer (CVE-2020-0674) reported by Google Project Zero and the 360 Security Group.
The zero-day vulnerability was exploited by hackers before the researchers discovered it, and the attacker could use the vulnerability to gain very high permissions and even control the entire computer.
However, at the time, Microsoft did not directly release a security update to fix this problem but postponed the problem until the cumulative security update of this month was released.
Microsoft said that if an attacker creates a web page containing malicious code and induces the user to open it, the attacker may successfully execute the code and obtain relevant permissions.
Now that Microsoft has released a security update to fix it, all users should immediately install this security update to completely block the script engine vulnerability in IE browser.