Despite being reported months before, Microsoft has yet to produce a fix for the vulnerabilities in its internet browsers. Image: INQUIRER.net stock photo
Despite the greater popularity of web browsers Chrome and Firefox, there are those who still rely on Edge and Internet Explorer to surf the net. But it would not be a surprise if IE and Edge loyals would begin reconsidering at this point, what with a still-active vulnerability that Microsoft is yet to fix in their browsers.
The Next Web reports that this vulnerability would allow individuals of ill-intent to create sites that would force browsers to spontaneously crash, and in some cases, take control of the browser.
Google engineer Ivan Fratric discovered the bug and reported it to Microsoft back in November 2016. However, Microsoft failed to fix the flaw within the 90-day deadline, prompting Fratric to make the flaw public.
A Microsoft statement claimed they have a “customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible.”
The company also added that there is “an ongoing conversation with Google about extending their deadline since the disclosure could potentially put customers at risk.”
As it stands, there has been no evidence yet that hackers are already exploiting this flaw. However, users have reported reproducing the bug in Internet Explorer, but not in Edge. Alfred Bayle/JB