Microsoft warns of security flaw in Internet Explorer

Microsoft has warned users of a security flaw in its Internet Explorer browser that allows hackers on the same network as much access as a legitimate user.

Using the vulnerability, an attacker could take complete control of the system and then install programmes, view, change, or delete data, or create new accounts with full user rights.

"Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11. The vulnerability is a remote code execution vulnerability," it said in a blogpost.

The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated, it added.

Though the share of Internet Explorer has dropped significantly over the last few years as browsers like Google Chrome and Mozilla Firefox gained traction, but it still remains the browser of choice for many netizens.

This could be troubling news for PCs still running on Windows XP operating system as they will not receive any updates fixing the bug when it is released as Microsoft stopped supporting the 13-year-old operating system earlier this month.

"On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs," Microsoft said.

It added that the company is actively working with partners to provide information that can be used to provide broader protections to customers.

"Microsoft continues to encourage customers to follow the guidance in the Microsoft Safety and Security Center of enabling a firewall, applying all software updates, and installing antimalware software," it said.