Mar 19, 2018 Official Download—Get the latest IE internet browser for your system. Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 web browsers. Microsoft releases additional. Which can be found in the Download. Security Bulletin Security Update Security Advisory Internet Explorer. Internet Explorer; Microsoft Edge. You to download and run the security patch. That you are experiencing issue with Internet Explorer patch version.
The flaw allows an attacker to hijack control of your computer via Internet Explorer – just by visiting a boobytrapped webpage.
Microsoft has urged Windows users to update their machines after discovering a bug in Internet Explorer that could allow hackers to take control of their machines.
It would allow an attacker to hijack control of your computer via Internet Explorer – just by visiting a boobytrapped webpage.
All versions of Windows, including Windows 10 are vulnerable to the bug, the firm said - although its new Edge browser is not.
In its advisory, Microsoft warns that vulnerable computers can be exploited just by visiting maliciously-crafted webpages using Internet Explorer, with no further user interaction is required.
'This security update resolves a vulnerability in Internet Explorer,' it says.
'The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.
'An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
Microsoft Internet Explorer Update Free Download
'This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.'
Share this article
The update addresses how Internet Explorer handles objects in memory, preventing any further interference.
Experts say the bug is a major flaw.
'If Microsoft calls a vulnerability 'critical,' warns that it affects all versions of Windows, and is prepared to issue a patch outside of its normal Patch Tuesday monthly schedule, you should sit up and listen,' said security expert Graham Cluley.
Source: StatCounter Global Stats - Browser Market Share
Around 17.64 per cent of the world currently uses Internet Explorer, and around 23.35 per cent of the UK, according to StatCounter.
A BRIEF HISTORY OF IE
Internet Explorer, which was first called Windows Internet Explorer, was first released as part of the add-on package Plus! for Windows 95 in 1995.
Internet Explorer was one of the most widely used web browsers, attaining a peak of about 95 per cent during 2002 and 2003.
However, it struggled in the face of competition, and in May 2012 it was announced that Google's Chrome overtook Internet Explorer as the most used browser worldwide.
The brand has struggled to shake off the bad reputation of Internet Explorer 6, which was notoriously insecure.
He says it is most likely, attempts would be made to redirect potential victims to boobytrapped websites using spammed-out links, or by tricking users into opening an unsolicited email attachment.
Microsoft's advisory states:
'The CVE-2015-2502 memory corruption vulnerability exists because IE does not properly manage certain objects in memory. The vulnerability is rated critical for Windows non-Server operating systems,' says Lane Thames, Software Development Engineer at Tripwire.
'However, the vulnerability is rated moderate for Windows Server platforms including Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2.'
Around 17.64 per cent of the world currently uses Internet Explorer, and around 23.35 per cent of the UK, according to StatCounter.
Microsoft's new operating system will run on the 'broadest types of devices ever'.
It will come with Cortana and the personal assistant app will run on the desktop.
It merges various app stores into one platform, called the One Store.
Microsoft is bringing back the Start Menu, which was removed from Windows 8.
And users can create multiple desktops to keep things organised.
EDGE: THE NEW INTERNET EXPLORER
Microsoft has released an entirely new browser to replace Internet Explorer in Windows 10.
some of its features include:
Cortana in Edge is a personal assistant that helps make Web browsing easier for you, with whatever you're trying to get done.
Inking and sharing so you can capture and communicate your thoughts: Enables you to write or type directly on the page, comment on what's interesting or clip what you want – then easily share this 'Web Note' via mail, or a social network.
The Spartan browser is designed to be faster, clearer and even let people wrote on web pages using a stylus
Reading List and Reading View
The new rendering engine is built around the idea that the Web 'just works,' while being fast, more secure and more reliable.
-->Security Update for Internet Explorer (3088903)
Published: August 18, 2015 | Updated: August 20, 2015
Version: 1.1
Executive Summary
This security update resolves a vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers. For more information, see the Affected Software section.
The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory.
For more information about the vulnerability, see the Vulnerability Information section.
For more information about this update, see Microsoft Knowledge Base Article 3088903.
Affected Software
The following software versions or editions are affected. Versions or editions that are not listed are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.
Affected Software
| **Operating System** | **Component** | **Maximum Security Impact** | **Aggregate Severity Rating** | **Updates Replaced** |
| **Internet Explorer 7** | ||||
| Windows Vista Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=fdc9a2ff-11ba-4b3d-9cc4-d5e236eb62e6) (3087985) | Remote Code Execution | Critical | None |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=908bd2cf-630b-4715-84c4-c3cbd870d608) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=f40669c3-2a8d-4bbf-bb74-82aaac679b65) (3087985) | Remote Code Execution | Moderate | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=6501aafb-a123-4956-b70c-7bf209695ddf) (3087985) | Remote Code Execution | Moderate | None |
| Windows Server 2008 for Itanium-based Systems Service Pack 2 | [Internet Explorer 7](http://www.microsoft.com/downloads/details.aspx?familyid=77545ff7-ee00-4f73-9bb6-df8171a7a8fc) (3087985) | Remote Code Execution | Moderate | None |
| **Internet Explorer 8** | ||||
| Windows Vista Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=4917a747-d4b5-4faa-b859-cb38ecd8dd3b) (3087985) | Remote Code Execution | Critical | None |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=fc37cccd-3909-4ba2-be82-0f44144ab3ba) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=578a2d2a-2d13-4588-8ca3-3149286960d8) (3087985) | Remote Code Execution | Moderate | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=32b112fb-b6b5-4a61-9331-900ea3bf912f) (3087985) | Remote Code Execution | Moderate | None |
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=569bfacd-d612-4504-9bd4-7af42958cb9d) (3087985) | Remote Code Execution | Critical | None |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=11de8d57-295a-41db-b179-f94979259e26) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=d528a684-df53-48d8-b1b8-1dbdf815782c) (3087985) | Remote Code Execution | Moderate | None |
| Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 | [Internet Explorer 8](http://www.microsoft.com/downloads/details.aspx?familyid=1d5e7c73-139a-4263-aef9-02fb2aba957f) (3087985) | Remote Code Execution | Moderate | None |
| **Internet Explorer 9** | ||||
| Windows Vista Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=ea1a609d-10f8-4f78-a230-0a7892d24cf3) (3087985) | Remote Code Execution | Critical | None |
| Windows Vista x64 Edition Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=4da928c7-c9c4-45c5-84f9-05cad38cc261) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=4e3c0593-dc45-4def-ae53-5d6b23bf47bc) (3087985) | Remote Code Execution | Moderate | None |
| Windows Server 2008 for x64-based Systems Service Pack 2 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=4fdd0d5e-6929-4dfa-b0e5-160465d54e4a) (3087985) | Remote Code Execution | Moderate | None |
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=0baf2b37-bdb8-412d-a8ec-32b1d97343b8) (3087985) | Remote Code Execution | Critical | None |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=607663a8-4b76-4c02-ba59-281352a78c29) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 9](http://www.microsoft.com/downloads/details.aspx?familyid=7857857e-93ee-47aa-a14c-4d7b6d258187) (3087985) | Remote Code Execution | Moderate | None |
| **Internet Explorer 10** | ||||
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=e9bc0f6d-308e-4094-8012-a2282158a599) (3087985) | Remote Code Execution | Critical | None |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=150f2735-3a7d-4497-b2e4-698ec0b6af36) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=08d4be9b-7283-4718-9bb5-68755090146a) (3087985) | Remote Code Execution | Moderate | None |
| Windows 8 for 32-bit Systems | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=47b4ec1c-2ca6-49b2-882e-c5262fef540d) (3087985) | Remote Code Execution | Critical | None |
| Windows 8 for x64-based Systems | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=b08a013a-9335-47eb-9f00-9d31b99184bc) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2012 | [Internet Explorer 10](http://www.microsoft.com/downloads/details.aspx?familyid=825724a0-0b2f-4312-94e5-b52dc7367c29) (3087985) | Remote Code Execution | Moderate | None |
| Windows RT | Internet Explorer 10[1](3087985) | Remote Code Execution | Critical | None |
| **Internet Explorer 11** | ||||
| Windows 7 for 32-bit Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=77b5f5cd-efd5-4fb5-a01c-66b0b1c7f66d) (3087985) | Remote Code Execution | Critical | None |
| Windows 7 for x64-based Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=4d5fb8a9-bb7c-4dc1-823e-3f2394cf3089) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=114f134e-27d4-4998-9a27-fe678a201669) (3087985) | Remote Code Execution | Moderate | None |
| Windows 8.1 for 32-bit Systems | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=5fb74b22-3fc7-413d-b913-4425acc616be) (3087985) | Remote Code Execution | Critical | None |
| Windows 8.1 for x64-based Systems | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=74577736-ce17-4722-96b2-831a890309e7) (3087985) | Remote Code Execution | Critical | None |
| Windows Server 2012 R2 | [Internet Explorer 11](http://www.microsoft.com/downloads/details.aspx?familyid=8df9eae6-bd91-4df8-bf51-4117056b6983) (3087985) | Remote Code Execution | Moderate | None |
| Windows RT 8.1 | Internet Explorer 11[1](3087985) | Remote Code Execution | Critical | None |
| [Windows 10 for 32-bit Systems](https://support.microsoft.com/en-us/kb/3081444)[2](3081444) | Internet Explorer 11 | Remote Code Execution | Critical | 3081436 in [MS15-079](http://go.microsoft.com/fwlink/?linkid=619622) |
| [Windows 10 for x64-based Systems](https://support.microsoft.com/en-us/kb/3081444)[2](3081444) | Internet Explorer 11 | Remote Code Execution | Critical | 3081436 in [MS15-079](http://go.microsoft.com/fwlink/?linkid=619622) |
[2]The Windows 10 update is cumulative. In addition to containing non-security updates, it also contains all of the security fixes for all of the Windows 10-affected vulnerabilities shipping with this month’s security release. See Microsoft Knowledge Base Article 3081444 for more information and download links.
Microsoft Updates
Note Windows Server Technical Preview is affected. Customers running this operating system are encouraged to apply the update, which is available via Windows Update.
Severity Ratings and Vulnerability Identifiers
The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the August bulletin summary.
Where specified in the Severity Ratings and Impact table, Critical, Important, and Moderate values indicate severity ratings. For more information, see Security Bulletin Severity Rating System. Refer to the following key for the abbreviations used in the table to indicate maximum impact:
| Abbreviation | Maximum Impact |
| RCE | Remote Code Execution |
| EoP | Elevation of Privilege |
| ID | Information Disclosure |
| SFB | Security Feature Bypass |
| **Vulnerability Severity Ratings and Impact** | |||||||
| **CVE number** | **Vulnerability Title** | **Internet Explorer 7** | **Internet Explorer 8** | **Internet Explorer 9** | **Internet Explorer 10** | **Internet Explorer 11** | **Internet Explorer 11** **on Windows 10** |
| [CVE-2015-2502](http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2502) | Memory Corruption Vulnerability | Windows Clients: **Critical / RCE** Windows Servers: **Moderate / RCE** | Windows Clients: **Critical / RCE** Windows Servers: **Moderate / RCE** | Windows Clients: **Critical / RCE** Windows Servers: **Moderate / RCE** | Windows Clients: **Critical / RCE** Windows Servers: **Moderate / RCE** | Windows Clients: **Critical / RCE** Windows Servers: **Moderate / RCE** | Windows Clients: **Critical / RCE** |
Update FAQ
Is update 3081444 a cumulative security update for Internet Explorer 11?
Yes. Security update 3081444 is a cumulative security update for users running Internet Explorer 11 on Windows 10.
Is update 3087985 a cumulative security update for Internet Explorer?
No. Security update 3087985 is not a cumulative update.
Are there any prerequisites for update 3087985?
Yes. Customers running Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, or Internet Explorer 11 on Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows RT 8.1 must first install the 3078071 update released on August 11, 2015 before installing the 3087985 update.
Note For Download Center customers:
Microsoft Internet Explorer 10
If you download and install updates manually, you must first install update 3078071 before installing update 3087985. Failure to follow the install order can lead to degraded functionality.
Vulnerability Information
Memory Corruption Vulnerability – CVE-2015-2502
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. This vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer, and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements by adding specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an instant messenger or email message that takes users to the attacker's website, or by getting them to open an attachment sent through email.
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Systems where Internet Explorer is used frequently, such as workstations or terminal servers, are at the most risk from this vulnerability.
The update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. The following table contains links to the standard entry for each vulnerability in the Common Vulnerabilities and Exposures list:
| Vulnerability title | CVE number | Publicly disclosed | Exploited |
| Memory Corruption Vulnerability | CVE-2015-2502 | No | Yes |