Microsoft confirms zero day vulnerability that allows remote code execution to be present in all versions of Internet Explorer.
According to CNET, the vulnerability, which could allow remote code execution, is being used in limited and targeted attacks.
All the versions of IE are affected but versions 9,10, and 11 are reportedly the main targets.
A hacking group, APT [advanced persistent threat] is exploiting the vulnerability.
The group has been the first to have access to a select number of browser-based 0-day exploits, the report added.
Microsoft explained that luring visitors to a specially crafted web page could trigger the attack.
Microsoft reportedly said that the vulnerability might corrupt memory, allowing an attacker to execute arbitrary code in the context of the current user within Internet Explorer.