Skip to main content

Microsoft patches up major flaw in Internet Explorer

microsoft bleeds ie users to google chrome on top by mid year internet explorer
Image used with permission by copyright holder
While Microsoft may have moved on from its longstanding Internet Explorer browser with the launch of Edge in Windows 10, there are many millions of people who have not yet jumped over to the new bandwagon. That in turn suggests that Microsoft will be providing support for the older standard for years to come. Like this latest instance, where it’s patched IE to help users avoid a nasty vulnerability.

This particular flaw in Internet Explorer potentially gives remote access to a user’s system, though it does have to be executed through the age-old practice of malware infested email attachments, or having someone visit an infected website. If that happens, the nefarious individuals behind the bug are immediately granted the same level of access to your system as your logged-in account. This in turn means that if you’re on as an admin, they can do just about whatever they want.

The bug is said to affect all versions of Internet Explorer 7 through 11, across Windows Vista, Server 2008, 7, 8 and 8.1 This includes 32 and 64bit versions.

Related: Microsoft divulges details on what’s being dropped from Edge’s new rendering engine

It’s fortunate then that Microsoft has jumped on this and unless you have your updates set to be manually approved, this patch should come through automatically without you having to do anything. However, if it doesn’t, head to Windows Update, to have it download and install itself, or you can do it entirely manually be heading to Microsoft’s Security Bulletin.

There is one known flaw with this update, in that it is mis-labelled in Add or Remove programs, where it’s listed as a “Hotfix” instead of a “Security Update.” However, this does not affect the effectiveness of the patch in any manner, and shouldn’t cause any problems beyond mild confusion.

Do any of you still use Internet Explorer? Or are you all Chrome and Firefox users these days?

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
It’s not just you — Microsoft admits its patches broke OneDrive
Microsoft OneDrive files can sync between a PC and a phone.

If you’ve been experiencing OneDrive crashes and error messages, before digging too deep for a solution, note that it might be Microsoft’s fault. Common solutions like restarting, or signing out and back in won’t help because the issue is with the latest Windows 10 update.

Apparently, the problem begins after installing the 22H2 update for Windows 10 that was released on October 18, 2022. Today, Microsoft confirmed that after updating Windows 10, OneDrive might “unexpectedly close,” a nice way to describe a crash. This problem isn’t affecting Windows 11 computers and it’s still possible to use OneDrive via a browser.

Read more
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more