Microsoft issued a patch Tuesday to close a zero-day exploit in all supported versions of Internet Explorer.
The patch, given a “critical” rating by the company, calls for updates to every supported Windows system, including Windows 10.
The exploit works by letting attackers exploit a memory flaw in IE, allowing for remote code execution that allows attackers to gain the same user rights as the current user. In other words, the higher up the admin chain a user sits, the more potential for damage inside a network.
The vulnerability, known as CVE 2015-2502, does not affect Microsoft Edge, the new browser packaged with Windows 10.