Skip to main content
  1. Home
  2. Computing
  3. Legacy Archives

Microsoft issues fix for 0-day vulnerability in Internet Explorer 9 and 10

Add as a preferred source on Google

If you use either Internet Explorer 9 or Internet Explorer 10, you might like to know that a new vulnerability has been discovered that affects users of both versions of Microsoft’s browser, according to Mircosoft’s Security TechCenter page. Fortunately, though Microsoft has not yet issued a full patch for this problem, they have at least put out a fix that aims to prevent hackers to use this exploit to target you while surfing the web using IE. 

Here’s what Microsoft had to say about the security hole in IE 9 and IE 10.

Recommended Videos

“The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

How to fix the 0-day vulnerability in Internet Explorer 9 and Internet Explorer 10

While Microsoft works on a long-term fix, users of IE 9 and IE 10 can safeguard themselves by heading over to this Microsoft page and following the instructions under the “Fix it for me” section to apply the “MSHTML shim workaround.” Microsoft advises that increased memory usage could occur once the fix is applied, but also notes that this should subside once you restart Internet Explorer.

Microsoft also said that a full patch could arrive with their regularly scheduled Patch Tuesday updates, or as an out-of-cycle update. The next Patch Tuesday will take place on March 11, about two and a half weeks from now.

On a related note, a flaw in Internet Explorer 10 was recently exploited to launch attacks on visitors of a website that caters to the needs of U.S. military veterans

What do you think? Sound off in the comments below.

Konrad Krawczyk
Former Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
A hacker’s arrest just revealed how Microsoft can track your Windows device
Microsoft knew what websites his Windows PC visited.
Windows 11 on a laptop

A teenager allegedly used a VPN to cover his tracks while hacking a US jewelry retailer, but Microsoft knew anyway.

Court documents unsealed in the US case against Peter Stokes, a 19-year-old dual US-Estonian citizen accused of being a member of the notorious Scattered Spider hacking group, reveal that Microsoft provided the FBI with records tied to a tracking mechanism called the Global Device Identifier, or GDID. 

Read more
The days of cheap Chinese AI models could be number as government mulls restrictions similar to the US
The AI world’s bargain aisle could be closed by China soon.
DeepSeek AI chatbot running on an iPhone.

DeepSeek's R1 helped kickstart global interest in low-cost Chinese AI. This was followed by increasingly capable systems from Alibaba, ByteDance, and Z.ai. Some models can be downloaded, customized, and hosted independently, giving many developers an alternative to paying for access to expensive US platforms.

However, this bargain may soon face a geopolitical lock--and this time, it's because of China and not the US. Reuters reports that Chinese authorities have held meetings with Alibaba, ByteDance, and Z.ai about potentially restricting overseas access to the country’s most advanced AI systems. Discussions apparently included closed models and open-weight releases, along with technology that has yet to reach the public.

Read more
Microsoft pushed Copilot everywhere, but barely anyone bought it, and even fewer use it: Report
Users are barely showing up for Copilot
Microsoft Copilot Banner Featured

Microsoft has spent the past few years making Copilot extraordinarily difficult to avoid. It appeared in Windows 11, and soon found its way to Edge, Word, and almost everywhere else in Microsoft's software suite. New laptops even received a dedicated Copilot key. Microsoft wanted AI to become a daily habit, and it had hundreds of millions of existing customers to leverage.

But the latest adoption figures suggest that the distribution was quite disappointing. Microsoft revealed that Copilot 365 has more than 20 million paid seats. While that does sound impressive at a glance, this number is dwarfed when you compare the company's more than 450 million paid commercial Microsoft 365 seats. So fewer than 4.5% of those customers pay for the full Copilot experience.

Read more