We shouldn’t still be having this conversation, but here we are.
On Monday, Microsoft warned users of its once beloved Internet Explorer that a critical vulnerability in the browser allows malicious actors to hijack the computers of those running the outdated program. In other words, if you still use Internet Explorer, you should really stop.
Like, right now.
“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user,” reads the warning in part. “If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.”
Microsoft writes that, “yes,” this vulnerability has been exploited.
Now, notably, this is not the first time someone from Microsoft has urged users to ditch the discontinued browser. In February of this year, a security researcher with the company urged that people stop using IE as a default browser. Oh, and in April we learned that simply having Internet Explorer on your computer — not even using it — is a security risk.
This latest addition to the “delete Internet Explorer now” chorus minces no words in warning any holdouts of the browser — stating that all a victim has to do is visit a specifically crafted website and it’s game over.
“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” reads Monday’s advisory.
Microsoft gives credit to Clément Lecigne of Google’s Threat Analysis Group for disclosing the vulnerability.