'Microsoft confirms zero-day bug in IE6, IE7 and IE8'

Wallace · Dec 31, 2012

"Computerworld - Microsoft on Saturday confirmed that Internet Explorer (IE) 6, 7 and
8 contain an unpatched bug -- or "zero-day" vulnerability -- that is being used by
attackers to hijack victims' Windows computers.
The company is "working around the clock" on a patch, its engineers said. They have
also released a preliminary workaround that will protect affected IE customers until
the update is ready.
In a security advisory issued Dec. 29, Microsoft acknowledged that attacks are taking
place. "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability
through Internet Explorer 8," the alert stated.
Newer versions of IE, including 2011's IE9 and this year's IE10, are not affected,
Microsoft said. It urged those able to upgrade to do so."
http://www.computerworld.com/s/article/9235097/Microsoft_confirms_zero_day_bug_in_IE6_IE7_and_IE8

Tsing Tao · Dec 31, 2012

Quote from Wallace:

"Computerworld - Microsoft on Saturday confirmed that Internet Explorer (IE) 6, 7 and
8 contain an unpatched bug -- or "zero-day" vulnerability -- that is being used by
attackers to hijack victims' Windows computers.
The company is "working around the clock" on a patch, its engineers said. They have
also released a preliminary workaround that will protect affected IE customers until
the update is ready.
In a security advisory issued Dec. 29, Microsoft acknowledged that attacks are taking
place. "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability
through Internet Explorer 8," the alert stated.
Newer versions of IE, including 2011's IE9 and this year's IE10, are not affected,
Microsoft said. It urged those able to upgrade to do so."
http://www.computerworld.com/s/article/9235097/Microsoft_confirms_zero_day_bug_in_IE6_IE7_and_IE8
More...

Haven't used IE in years.

lemmer · Dec 31, 2012

Quote from Tsing Tao:

Haven't used IE in years.
More...

I agree. If you work with serious amount of money every day, using I.E is playing with fire.

comintel · Dec 31, 2012

Quote from Wallace:

"Computerworld - Microsoft on Saturday confirmed that Internet Explorer (IE) 6, 7 and
8 contain an unpatched bug -- or "zero-day" vulnerability -- that is being used by
attackers to hijack victims' Windows computers.
The company is "working around the clock" on a patch, its engineers said. They have
also released a preliminary workaround that will protect affected IE customers until
the update is ready.
In a security advisory issued Dec. 29, Microsoft acknowledged that attacks are taking
place. "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability
through Internet Explorer 8," the alert stated.
Newer versions of IE, including 2011's IE9 and this year's IE10, are not affected,
Microsoft said. It urged those able to upgrade to do so."
http://www.computerworld.com/s/article/9235097/Microsoft_confirms_zero_day_bug_in_IE6_IE7_and_IE8
More...

Yeah they were forced to admit it after completely independent sources revealed publicly that it had been injected into on the Council for Foreign Relations web site.

Log in or Sign up

'Microsoft confirms zero-day bug in IE6, IE7 and IE8'

Wallace

Tsing Tao

lemmer

comintel