This security flaw allows hackers to hijack windows based computers. The Technical name for the vulnerability is titled CVE-2014-1776. According to reports, it has something to do with Internet Explorers way of accessing an object that has not been deleted properly.
An hacker could possibly use the corrupt memory executing an arbitrary code in the context of the current user within Internet Explorer. “Microsoft is aware of limited, targeted attacks that attempt to exploit [this] vulnerability in Internet Explorer,” the software giant added.
“An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website,” says one source.
Microsoft has acknowledge and confirmed the flaw and described it as “limited, targeted attacks”, which grabs a Flash file hosted on attack websites to snag victims. According to Microsoft, the flaw affects all its browsers from IE 6 to IE 11. As previously stated, this potential enables the attacker to gain the same user rights as the original user.
The government security teams urges Windows users to consider Chrome or Firefox as their default browser until Microsoft issues a security fix for a new flaw. Microsoft has not said when a fix will be available, but some say FireEye is aiding them.