More IE flaws found, hackers might not know about them

By on January 26, 2010, 4:10 PM
Less than a week after Microsoft patched the Internet Explorer vulnerabilities responsible for the China-based attacks on Google and over two dozen other tech companies, more flaws have cropped up. Core Security Technologies has discovered a set of holes, which aren't very serious on their own, but can be exploited together to take control of a system remotely.

"There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant for the firm, and hackers could string together four or five minor vulnerabilities in IE to compromise a system. Alvarez Medina notes that he wasn't sure whether the exploit has been used in the wild.

Core Security Technologies is reportedly working with Microsoft to remedy the flaws, and Redmond told Ars that it is "investigating a responsibly disclosed vulnerability in Internet Explorer," and it is "currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe consumers are at a reduced risk due to responsible disclosure."

There's no word on when to expect a patch -- let's hope it's not five months away this time.

User Comments: 5

Got something to say? Post a comment
Emin3nce said:

Flaws in IE? Nawwwwww

9Nails, TechSpot Paladin, said:

So, if I took I.E. out of Windows 7, how many security holes did I fix? Correct answer - all of them.

Guest said:

I just patched my system. Dumped IE8 and switched to an alternate browser. Also considering moving from Windows to Linux to improve security.

Guest said:

I've done the same and I feel so safe.

yangly18 yangly18 said:

internet explorer should just be dumped altogether if they dont want to put in the time to make it as secure as other browsers. I don't even know why it comes on computers pre-installed anymore, maby it's their way of trying to get people to get some viruses and mareware in their computer so they will think it's broken and go buy another one. I use google chrome and opera mostly, I find them quite effective and I like their designs. Along with a good firewall/spyware blocker I have great protection and yet have to get a single virus on my computer.

long story short- windows should contract with another browser as their default.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.