Microsoft has issued a security update that will patch an exploit found in all supported versions of Internet Explorer. The vulnerability could allow attackers to gain access to a PC and bestows the same user rights to the attacker as the affected user.
According to Microsoft, the update patches a vulnerability that would allow remote code execution if a user surfed to a "specially crafted webpage". If this were to occur, the attacker would gain access to the PC and have the same access rights as the affected user. This could be particularly harmful if the user had administrative rights to the PC.
This security update resolves a vulnerability in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.