Microsoft has confirmed that, Internet Explorer 0day vulnerability of some people being malicious use.
The vulnerability affects all versions of Windows 10, Windows 8.1 and the recently discontinued Windows7.
Microsoft Windows Server on its device as a "moderate," while on a Windows client version, which was rated "critical."
Internet Explorer 9, Internet Explorer 10 and Internet Explorer 11 are subject to the vulnerability. Remote code execution allows cyber criminals to get the same privileges as the logged on user, allowing full control over the infected device.
Microsoft explained that the attacker can attack through the website elaborate. In one of its advisory representation:. "Internet Explorer script engine processing in-memory object exists in the way a remote code execution vulnerability that could could execute arbitrary code in the context of the current user in a way to destroy the attacker memory attacker successfully exploited this vulnerability could gain the same user rights as the current user. "
According to Microsoft said it already under repair, but at the same time, recommends that customers apply the manual workaround to prevent attacks. Briefing pointed out that in view of "Microsoft is aware of limited attacks" and therefore this method to solve critical.
Solution Manually
Microsoft said, users can manually prevent exploits by restricting access to the JScript.dll. To perform this operation on 32-bit systems, run the following command must be put right at the command prompt:
</>CODE
takeown /f %windir%\system32\jscript.dll
cacls %windir%\system32\jscript.dll /E /P everyone:N
On the 64-bit device, it is necessary to run the following command:
</>CODE
takeown /f %windir%\syswow64\jscript.dll
cacls %windir%\syswow64\jscript.dll /E /P everyone:N
takeown /f %windir%\system32\jscript.dll
cacls %windir%\system32\jscript.dll /E /P everyone:N
After the patch is available, users can use the following command to manually undo the workaround:
</>CODE
32-bit systems
cacls %windir%\system32\jscript.dll /E /R everyone
</>CODE
64-bit systems
cacls %windir%\system32\jscript.dll /E /R everyone
cacls %windir%\syswow64\jscript.dll /E /R everyone
The next Patch Tuesday will be held February 11 release, but Microsoft will probably release a out-of-band security fix in the coming days.