The issue is significant enough that Homeland Security issued anadvisoryencouraging people to both be aware of the flaw and consider implementing workarounds, including temporarily restricting access to jscript.dll.
Unlike the Firefox bug, though, you’ll have to wait a while for a patch. Microsoft said it was unlikely to provide its fix until its next monthly security release, slated for February th. Until then, you’ll either have to consider workarounds or be cautious about clicking links to visit unfamiliar sites.
The risks might not be extremely high given the modern browser market. Microsoft has largely showed Internet Explorer to the side in favor of Edge, which just got a majorChromium-based revampon January th , and you’re statistically more likely to use a third-party browser like Chrome. Nonetheless, it’s a headache – Microsoft’s past is coming back to haunt its present.
In this article: cert,department of homeland security,exploit, gear,homeland security,internet,internet explorer,microsoft, (security,us-cert,vulnerability
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
****************************
Read More
GIPHY App Key not set. Please check settings