Microsoft
More IE flaws found, hackers might not know about them
Less than a week after Microsoft patched the Internet Explorer vulnerabilities responsible for the China-based attacks on Google and over two dozen other tech companies, more flaws have cropped up. Core Security Technologies has discovered a set of holes, which aren't very serious on their own, but can be exploited together to take control of a system remotely.
"There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant for the firm, and hackers could string together four or five minor vulnerabilities in IE to compromise a system. Alvarez Medina notes that he wasn't sure whether the exploit has been used in the wild.
Core Security Technologies is reportedly working with Microsoft to remedy the flaws, and Redmond told Ars that it is "investigating a responsibly disclosed vulnerability in Internet Explorer," and it is "currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe consumers are at a reduced risk due to responsible disclosure."
There's no word on when to expect a patch -- let's hope it's not five months away this time.
"There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant for the firm, and hackers could string together four or five minor vulnerabilities in IE to compromise a system. Alvarez Medina notes that he wasn't sure whether the exploit has been used in the wild.
Core Security Technologies is reportedly working with Microsoft to remedy the flaws, and Redmond told Ars that it is "investigating a responsibly disclosed vulnerability in Internet Explorer," and it is "currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe consumers are at a reduced risk due to responsible disclosure."
There's no word on when to expect a patch -- let's hope it's not five months away this time.
User Comments (5)
Post a comment| Emin3nce on January 26, 2010 5:36 PM | Flaws in IE? Nawwwwww |
| 9Nails on January 26, 2010 7:56 PM | So, if I took I.E. out of Windows 7, how many security holes did I fix? Correct answer - all of them. |
| Guest on January 27, 2010 8:53 AM | I just patched my system. Dumped IE8 and switched to an alternate browser. Also considering moving from Windows to Linux to improve security. |
| Guest on January 27, 2010 9:00 AM | I've done the same and I feel so safe. |
| yangly18 on January 27, 2010 9:45 AM | internet explorer should just be dumped altogether if they dont want to put in the time to make it as secure as other browsers. I don't even know why it comes on computers pre-installed anymore, maby it's their way of trying to get people to get some viruses and mareware in their computer so they will think it's broken and go buy another one. I use google chrome and opera mostly, I find them quite effective and I like their designs. Along with a good firewall/spyware blocker I have great protection and yet have to get a single virus on my computer. long story short- windows should contract with another browser as their default. |
Most Popular
| Top Stories | Commented | Featured |
StarCraft II: Wings of Liberty GPU & CPU Performance featured
Tech Tip: Run Firefox 3.6 and Firefox 4 Beta Simultaneously featured
Over 100m Facebook profiles harvested, available in torrent
SanDisk ships its smallest USB drive in North America
Intel's Silicon Photonics Link boasts 50Gb/s transfers
Augen to sell $150 Android 2.1 tablet at Kmart
TS Community
| User Gallery | Recent Discussion |
 Front view of the old setup. by Dominik |  Bill Gates' Facebook page! by Rage_3K_Moiz |
