Friday February 21, 2020
Home Lead Story Microsoft Wor...

Microsoft Works To Fix Security Bug Issue in Internet Explorer

The vulnerability was found in how Internet Explorer handles memory

0
//
Microsoft
Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates. Pixabay

 Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date.

The vulnerability was first reported by US Homeland Security on Friday evening, although the issue is not limited to American devices. Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates.

The vulnerability was found in how Internet Explorer handles memory. An attacker could use the flaw to remotely run malicious code on an affected computer, such as tricking a user into opening a malicious website from a search query or a link sent by email, TechCrunch reported recently.

“The company is only aware of limited targeted attacks for which it is already working on a fix,” the report quoted a Microsoft spokesperson. The tech giant assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Qihoo 360, a China-based security research team helped Microsoft in finding this flaw and it is believed to be a similar vulnerability as one disclosed by Mozilla, the maker of the Firefox browser.

As per report, neither Qihoo, Microsoft, nor Mozilla said how attackers were exploiting the bug, who the attackers were, or who was being targeted. Microsoft assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Microsoft
Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date. Pixabay

Additionally, according to information gathered by PreciseSecurity.com, Microsoft Office products were the most commonly exploited by cybercriminals around the world and nearly 73 per cent of cyber exploits were performed in MS Office products in the third quarter of 2019.

ALSO READ: Tesla Owners Unintentionally Buy Software Updates, Face Troubles in Getting Refunds

MS Office products were followed by Browsers with 13.47 per cent of the total number of exploits by cybercriminals, Android with 9.09 per cent, Java with 2.36 per cent, Adobe Flash with 1.57 per cent and PDF with 0.66 per cent. (IANS)

Next Story

Microsoft Tests Software Called “Election Guard” To Make Voting Secure

Microsoft tests its newly-developed software to ensure votes are not altered

0
Microsoft
Microsoft has begun testing its free open-source software called "ElectionGuard"that aims to secure votes. Pixabay

Microsoft has begun testing its free open-source software called “ElectionGuard” in a small Wisconsin town in the US that aims to make voting more secure, verifiable and efficient.

“ElectionGuard” will enable end-to-end verification of elections, open results to third-party organisations for secure validation, and allow individual voters to confirm their votes were correctly counted.

It enables government entities, news outlets, human rights organisations or anyone else to build additional verifiers that independently can certify election results have been accurately counted and have not been altered, according to the company. The software would create a paper trail and assure voters their votes were properly tallied.

“On Tuesday, Fulton residents are using the technology while choosing who will join the local school board and hold a seat on Wisconsin’s state Supreme Court,” reports CNBC. With the test, the company aims to see if voters like the experience and make sure everything works fine.

Microsoft
“ElectionGuard” by Microsoft will enable end-to-end verification of election. Pixabay

In May last year, Microsoft CEO Satya Nadella announced “ElectionGuard”. According to Tom Burt, Corporate Vice President, Customer Security and Trust, voting system manufacturers will be free to build ElectionGuard into their systems in a variety of ways.

“These are exciting steps that enable individual voters to confirm their vote was properly counted, and assures those voters using an ElectionGuard system of the most secure and trustworthy vote in the history of the US,” Burt said in a recent blog post. “ElectionGuard” is not intended to replace paper ballots but rather to supplement and improve systems that rely on them, and it is not designed to support internet voting.

The software provides each voter a tracker with a unique code that can be used to follow an encrypted version of the vote through the entire election process via a web portal provided by election authorities.

During the process of vote-casting, voters have an optional step that allows them to confirm that their trackers and encrypted votes accurately reflect their selections. But once a vote is cast, neither the tracker nor any data provided through the web portal can be used to reveal the contents of the vote.

Also Read- Saliva can Help Detect Surplus Body Fat in Teenagers: Study

After the election is complete, the tracker codes can be used by voters to confirm that their votes were not altered or tampered with and that they were properly counted, said Microsoft.

On the security front, “ElectionGuard” uses something called homomorphic encryption – which enables mathematical procedures “like counting – to be done with fully encrypted data”. (IANS)