In a recent cybersecurity issue, some hackers from North Korea are attacking Internet Explorer by exploiting a vulnerability, which is said to be a zero-day flaw. The company Microsoft has not yet spoken on the issue and is still silent. 

Users should immediately stop using Internet Explorer for a while to stay safe from the hackers, suggest cybersecurity experts. If the users still prefer to use Microsoft software, they can download the latest Edge Browser by Microsoft. The Edge browser is safe from the attack as well as offers a better user experience while browsing than Internet Explorer. Other secured browsers include Google Chrome and Mozilla Firefox.

But if the users still want to use the traditional software, cybersecurity experts at Tom’s Guide suggest downloading a limited time user account that is safe for any software modification.

Microsoft has scheduled to release its next security patch, not until the 11th of February, therefore, its a long wait before the latest update is issued.

Microsoft reveals the Flaw-

In an online advisory published on 17th January, Microsoft explained the vulnerability, saying the flaw allows the hacker to corrupt the memory and perform arbitrary coding. If achieved successfully, the hacker has full access to the system, the same as the genuine user.

“Let us imagine a scenario where the hacker hosts a website on the web, which is specially made to exploit the vulnerability via Internet Explorer, in this case, the hacker can lure the user to visit the website by sending him emails,” says Microsoft.

Once the hacker has access to the admin user rights, the user system is hacked and the hacker has command over the system. He can modify the programs, install or delete any existing software or worse, delete important data.

The hackers are likely to be from North Korea-

One should not ignore this vulnerability because it has ties to hackers from North Korea. The attack on Internet Explorer seems to be similar to the one that affected the Mozilla firefox. Researchers at Qihoo 360 discovered the attack and accused Darkhotel, a group of hackers from North Korea, for carrying out this activity.



Source link