As Internet Explorer got suspended by MS’s new Edge browser, still it comes with pre-installed on every Window’s PC. The reason is very simple- A lot many organizations go for the old-fashioned browser for their legacy app and this makes Microsoft keep it intact but not spending much time in its bug fixes. But sadly, Internet Explorer was found with a serious flaw which makes it vulnerable to malware attacks, as per one security alliance.
As per the Researchers, the malware uses up the User Account Control (UAC) dodge attack which utilizes the file steganography which is a part of the technology of implanting a message, image, or file within another message, image or file.
According to the ZDNet reports on the zero-day bug, which they are suspecting is coming from the Chinese antivirus software company named Qihoo 360 core. Microsoft Company’s research team has claimed that the bug use up MS-Office document that has vulnerability installed on it and that opens up for a web page that downloads malware.
Microsoft has now responded to ZDNet’s request for commenting on this issue, as Windows always look for customer’s commitment to investigate these reported issues and will update on the infected devices soon. The Company is, therefore, suggesting its customers to go for Windows 10 and MS-Edge browser for the best protection result. And they further talk about the policy to provide antidote through the current update news by coming Tuesday is scheduled.
Microsoft has provided a basic flowchart to show how the bug is working on the infected system. Other than that there is no such information on the flaws and a very little on to show the infected system are working. Unless and until Microsoft fixes this issue, it will remain an issue for Windows users.
Supposedly this attack is being conducted on a global horizon by an Advanced Persistent Threat (APT) group. This involves a group of hackers with some abilities to conduct such an advanced attack. But unfortunately, there are not many ways left for the users to do at this point, other than to follow the security advice, which advice to keep systems and software updated, need to make sure that we’re using enough malware protection and not to open any files unless and until we’re sure about it, that it’s from a trusted source and was sent to us on some purpose.