Zero-day vulnerability in IE is being used to enter Gmail accounts
Google and Microsoft warned – separately – on a zero-day vulnerability found in Internet Explorer that is being exploited to access Gmail accounts. The failure of the browser, which is not patched at this time, exposes Windows users to attacks from remote code execution without the user noticing (just enter a website that has a trap installed).
Both companies agreed that the attacks are currently active, and it would be this problem that motivated now warn that Gmail users in the inbox about “attacks paid for by governments” .
Microsoft explained that the vulnerability could be exploited when a user visits a site from the Internet Explorer web specially formulated for the failure. “An attacker would have no way to force users to visit that site. Instead, the attacker would have to convince users, typically by getting them to click an e-mail or instant message that leads them to the attacker’s page. “
The vulnerability affects all versions of Windows. As yet no patch, Microsoft released a tool that blocks attacks that use this. The vulnerability is different from those patched on Tuesday in the latest patch bundle for the company.Gmail, Google, IE, Internet Explorer, Mail, Microsoft, Security, vulnerability