Microsoft has fixed a zero-day security hole in its browser, Internet Explorer, related to memory corruption.

The vulnerability, tracked as CVE-2021-26411, can be exploited when an attacker tricks users into visiting a specially crafted malicious website in Internet Explorer. In addition, an attacker could disrupt an existing site by placing malicious ads on pages that allow users to host content. Although an attacker must first use email or instant messaging to entice users into engaging with these ads and sites before the victim can be harmed, malicious actors anywhere on the Internet can potentially exploit this vulnerability.

This vulnerability puts users’ content integrity at serious risk

Because the vulnerability exists in the network stack, it can be exploited remotely. In addition, an attacker does not need any special or elevated privileges to exploit it. Once an attack succeeds, the attacker can modify any accessed files and other user information, putting the user’s content integrity at significant risk.

Perhaps most interesting in this case is that the hackers spent weeks building trust in a campaign aimed specifically at security researchers. Since its discovery, researchers have traced the attack back to North Korea. The attacker contacted the researchers through the original research blog, established an effective connection, and created Twitter personas to request collaboration on the project. The fake social media profiles would prompt researchers to visit the page. From there, even fully patched Windows 10 computers would eventually install malicious services and in-memory backdoors that communicate with servers controlled by the attackers.

In addition to Internet Explorer, the bug also affects Microsoft’s more secure browser, Edge. The researchers also eventually discovered that the attackers had supplemented their “watering hole” attack with a fraudulent Visual Studio Project website that purportedly contained the source code for a proof-of-concept vulnerability. The alleged project actually contained custom malware that made contact with the hackers’ control servers.

Microsoft has now released an official patch and update for this vulnerability. Microsoft users who need the update immediately can go to “Start” > “Settings” > “Update and Security” > “Windows Update” on their systems.