Microsoft knew of IE flaw since September

The zero-day flaw in Internet Explorer was patched yesterday, but Microsoft has apparently known about the vulnerability for months.

web

Microsoft has admitted it knew about the flaws in Internet Explorer that led to the Google hack attacks since September.

The software company has claimed in a blog post it was set to release a patch to fix them in February but had to push this forward to yesterday due to the Google and China public revelations.

Advertisement - Article continues below

Jerry Bryant, a member of the Microsoft Security Response Centre (MSRC), said in the blog post: "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."

The flaw is an invalid pointer reference which gives cyber criminals the ability to perform remote code execution. Although it has so far only been proved to have happen on IE 6, the patch addresses all version of the popular browser.

Earlier this week both French and German governments warned citizens not to use the browser whereas the UK Cabinet Office told The Guardian: "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere."

More information about the patch can be found in Microsoft's security bulletin here.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement

Recommended

Visit/cloud/cloud-backup/355025/google-backup-and-sync-review-that-syncing-feeling
cloud backup

Google Backup and Sync review: That syncing feeling

17 Mar 2020
Visit/security/355013/10-quick-tips-to-identifying-phishing-emails
Security

10 quick tips to identifying phishing emails

16 Mar 2020
Visit/business-strategy/mergers-and-acquisitions/354941/panda-security-to-be-acquired-by-watchguard
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Visit/mobile/google-android/354816/android-11-developer-access-arrives-earlier-than-expected
Google Android

Android 11 developer access arrives earlier than expected

20 Feb 2020

Most Popular

Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020