On the upcoming Patch Tuesday, Microsoft will not be issuing a fix for a critical IE8 vulnerability discovered in December. If that wasn't bad enough, a vulnerability in Internet Explorer 8 discovered by a Google security researcher will also go unaddressed.The second bug was only discovered yesterday, so perhaps Microsoft simply hasn't had a chance to work out a fix yet -- but the first flaw has already been exploited, and seen in the wild! Microsoft even admits it has seen targeted attacks, yet no fix is forthcoming.
The Google security researcher, incidentally, is concerned that third parties in China might also know about his recently-discovered vulnerability. In a beautiful twist of irony, one of his fellow researchers uploaded some data that revealed the exploit -- and moments later, the GoogleBot indexed the data, allowing two IP addresses in China to simply search for it.
Microsoft leaving two vulnerabilties in Internet Explorer 8 unpatched originally appeared on Download Squad on Thu, 06 Jan 2011 18:45:00 EST. Please see our terms for use of feeds.
No comments:
Post a Comment