also @ TechSpot: Engineers boost CPU/GPU speed 21%, could be a glimpse of AMD's future

More IE flaws found, hackers might not know about them

By

January 26, 2010, 4:10 PM EST

Less than a week after Microsoft patched the Internet Explorer vulnerabilities responsible for the China-based attacks on Google and over two dozen other tech companies, more flaws have cropped up. Core Security Technologies has discovered a set of holes, which aren't very serious on their own, but can be exploited together to take control of a system remotely.

"There are three or four ways to conduct this type of attack," said Jorge Luis Alvarez Medina, a security consultant for the firm, and hackers could string together four or five minor vulnerabilities in IE to compromise a system. Alvarez Medina notes that he wasn't sure whether the exploit has been used in the wild.

Core Security Technologies is reportedly working with Microsoft to remedy the flaws, and Redmond told Ars that it is "investigating a responsibly disclosed vulnerability in Internet Explorer," and it is "currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe consumers are at a reduced risk due to responsible disclosure."

There's no word on when to expect a patch -- let's hope it's not five months away this time.

Related Stories

No tags on this story

5 comments

User Comments (5)

Post a comment
Emin3nce
on January 26, 2010
5:36 PM 		Flaws in IE? Nawwwwww

Reply | Quote
9Nails
on January 26, 2010
7:56 PM 		So, if I took I.E. out of Windows 7, how many security holes did I fix? Correct answer - all of them.

Reply | Quote
Guest
on January 27, 2010
8:53 AM 		I just patched my system. Dumped IE8 and switched to an alternate browser. Also considering moving from Windows to Linux to improve security.

Reply | Quote
Guest
on January 27, 2010
9:00 AM 		I've done the same and I feel so safe.

Reply | Quote
yangly18
on January 27, 2010
9:45 AM 		internet explorer should just be dumped altogether if they dont want to put in the time to make it as secure as other browsers. I don't even know why it comes on computers pre-installed anymore, maby it's their way of trying to get people to get some viruses and mareware in their computer so they will think it's broken and go buy another one. I use google chrome and opera mostly, I find them quite effective and I like their designs. Along with a good firewall/spyware blocker I have great protection and yet have to get a single virus on my computer.
long story short- windows should contract with another browser as their default.

Reply | Quote

Browse more commented news

Post a new comment

Most Popular

Trending Featured
More Trending Topics

Downloads & Drivers

Downloads   Drivers  

BurnAware Free 4.6

HaoZip 2.6.8336

Opera 12.00.1301 Beta

DVDFab HD Decrypter 8.1.6.2

Anti Trojan Elite 5.5.9

More Downloads

Related Discussion

Same copy of Windows on both my internal hard drives?

Windows XP message shows ".dll file is not valid or missing message (Bad im…

Windows wont boot from BootCD

Dump Windows OS

Problem with Windows 7

More at the OpenBoards

Follow TechSpot

Feeds & More Newsletter