Microsoft knew of IE flaw since September
The zero-day flaw in Internet Explorer was patched yesterday, but Microsoft has apparently known about the vulnerability for months.
The software company has claimed in a blog post it was set to release a patch to fix them in February but had to push this forward to yesterday due to the Google and China public revelations.
Jerry Bryant, a member of the Microsoft Security Response Centre (MSRC), said in the blog post: "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."
The flaw is an invalid pointer reference which gives cyber criminals the ability to perform remote code execution. Although it has so far only been proved to have happen on IE 6, the patch addresses all version of the popular browser.
Earlier this week both French and German governments warned citizens not to use the browser whereas the UK Cabinet Office told The Guardian: "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere."
More information about the patch can be found in Microsoft's security bulletin here.
Top 5 challenges of migrating applications to the cloud
Explore how VMware Cloud on AWS helps to address common cloud migration challengesDownload now
3 reasons why now is the time to rethink your network
Changing requirements call for new solutionsDownload now
All-flash buyer’s guide
Tips for evaluating Solid-State ArraysDownload now
Enabling enterprise machine and deep learning with intelligent storage
The power of AI can only be realised through efficient and performant delivery of dataDownload now