You are currently viewing Microsoft urges Windows users to install emergency security patch

Microsoft urges Windows users to install emergency security patch

Microsoft warning Windows users to immediately install “emergency” out-of-band security patch

Microsoft has warned Windows users to install an “emergency” out-of-band security patch.

The company said in an advisory that a security flaw in some versions of Internet Explorer could allow an attacker to remotely run malicious code on an affected device. A user could be stealthily infected by visiting a malicious web page or by being tricked into clicking on a link in an email.

“An attacker who successfully exploited the vulnerability could take control of an affected system,” said Microsoft.

Microsoft said the vulnerability was under active exploitation, though details of the flaw had not been made public.

All browser users could be running affected versions of Internet Explorer 9, 10 and 11. All supported versions of Windows are affected, including Windows 7, Windows 8.1 and Windows 10, as well as several Windows Server versions.

Most users can install the patches using Windows Update.

Microsoft also issued a fix for its in-built malware scanner Windows Defender, which if exploited could have triggered a denial-of-service condition resulting in the app failing to work.

The company said no action was required by users to remediate the bug in Windows Defender.

It’s rare but not unheard of for Microsoft to release emergency security patches outside of its typical monthly patching cycle. The company typically releases security fixes in the second week of each month on its "Patch Tuesday", but will also release fixes for significant vulnerabilities under active exploitation as soon as they are made available.

Homeland Security also warned users in its own advisory urging affected users to install the patches (view Official Homeland Security Bulletin here).

View the Official Microsoft Security Advisory here.

Subscribe to our email alerts and tips!



Karl Carichner

CEO/Technology Specialist