It hasn’t been a good week for Microsoft, but when is it ever? Microsoft as confirmed to TechCrunch that it will fix an Internet Explorer security exploit already being used for “limited targeted attacks.” The vulnerability seems to affect Internet Explorer 9, 10, and 11. However, if you are still using Internet Explorer, you are doing the internet all wrong. Normally, you would only use IE to download another browser like Firefox, Chrome, or Microsoft’s new browser – Edge Chromium.
The vulnerability lets attackers corrupt memory used for the scripting engine in IE9, IE10 and IE11 in a way that would let the intruder run arbitrary code with the same permissions as the user, letting them hijack a PC. The issue even warranted Homeland Security to advise people to both be aware of the flaw and consider using workarounds, including temporarily restricting access to jscript.dll.
Unfortunately for users, a fix mostly likely won’t be out for a little over three weeks. Microsoft claims that they most likely won’t have a fix ready until their February 11th security release. They encourage you to consider workarounds or be very careful about clicking on links to visit dubious and unfamiliar sites.
Or… You could be using another browser. Something like Firefox (which has a similar issue last week but was patched), Chrome, or the new Chromium-based Edge browser. Unlike their original Edge browser, this one is fully compatible with all sites. Well, it is a Microsoft version of Chrome. It is not as resource heavy as Chrome or Firefox. It had been out in a beta version for several months. We used the browser during that time and found it quick, responsive, and perfect for older computers.