As much as Microsoft recommends using Windows 10 and its Edge browser to get better anti-malware protection, its old flagship browser, Internet Explorer, continues to be exploited actively to infect users .
A new vulnerability in Internet Explorer is being exploited by a group of hackers to infect Windows computers. They do this through malicious Office files , which once opened by the user launch a web page that delivers the malware from a remote server.
Qihoo 360 security researchers explain that the bug in Internet Explorer is being used on a global scale and that it affects the latest versions of Internet Explorer and other applications that use that browser .
The attack apparently also skips Windows User Account Control (UAC)and uses stenography methods to hide files within other files, an old practice that is still incredibly versatile and effective in hiding information, and that is also a paradise to hide malware.
Recall that outside Windows 10 the default browser is Internet Explorer, and apps like Office continue to use IE to open web links, and not only that, although it seems incredible to some, at the beginning of last year was still the second most browser used in the world , and according to NetMarketShare , it still is.
The researchers say they have reported the problem to Microsoft and have asked for an urgent patch. The company is apparently investigating, but its recommendation remains the same, use Windows 10 and Edge, and update the system in the usual patches on Tuesday.
Our recommendation: no longer use Internet Explorer, please. It is a browser whose latest version is five years ago, does not support modern web standards, and neither does Microsoft recommend using it.