also @ TechSpot: AT&T to enable all pre-loaded video chat apps over cellular this year

More IE flaws found, hackers might not know about them

By

On January 26, 2010, 4:10 PM

Less than a week after Microsoft patched the Internet Explorer vulnerabilities responsible for the China-based attacks on Google and over two dozen other tech companies, more flaws have cropped up. Core Security Technologies has discovered a set of holes, which aren't very serious on their own, but can be exploited together to take control of a system remotely.

"There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant for the firm, and hackers could string together four or five minor vulnerabilities in IE to compromise a system. Alvarez Medina notes that he wasn't sure whether the exploit has been used in the wild.

Core Security Technologies is reportedly working with Microsoft to remedy the flaws, and Redmond told Ars that it is "investigating a responsibly disclosed vulnerability in Internet Explorer," and it is "currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe consumers are at a reduced risk due to responsible disclosure."

There's no word on when to expect a patch -- let's hope it's not five months away this time.

No tags on this story

5 comments

User Comments: 5

Got something to say? Post a comment
  1. January 26, 2010 5:36 PM
    Emin3nce said:

    Flaws in IE? Nawwwwww

    Reply
  2. January 26, 2010 7:56 PM
    9Nails, TechSpot Paladin, said:

    So, if I took I.E. out of Windows 7, how many security holes did I fix? Correct answer - all of them.

    Reply
  3. January 27, 2010 8:53 AM
    Guest said:

    I just patched my system. Dumped IE8 and switched to an alternate browser. Also considering moving from Windows to Linux to improve security.

    Reply
  4. January 27, 2010 9:00 AM
    Guest said:

    I've done the same and I feel so safe.

    Reply
  5. January 27, 2010 9:45 AM
    yangly18
    yangly18 said:

    internet explorer should just be dumped altogether if they dont want to put in the time to make it as secure as other browsers. I don't even know why it comes on computers pre-installed anymore, maby it's their way of trying to get people to get some viruses and mareware in their computer so they will think it's broken and go buy another one. I use google chrome and opera mostly, I find them quite effective and I like their designs. Along with a good firewall/spyware blocker I have great protection and yet have to get a single virus on my computer.

    long story short- windows should contract with another browser as their default.

    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Laptops

Downloads and Drivers

Downloads   Drivers  

BitTorrent Sync 1.0.134

Dropbox for Android 2.3.8

IObit Malware Fighter 2.0

Wise Folder Hider 1.35.71

HelpNDoc 3.9.1

More Downloads

Latest Discussion

How to bypass Iran's Gov filters on Internet 26 replies on Software Apps

Which Wireless Network Card for my MOBO ? 6 replies on Storage and Networking

Which is your favorite game? 14 replies on Gaming

What game first got you hooked on gaming? 173 replies on Gaming

HDD vs USB vs SSD boot 6 replies on Storage and Networking

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.