Microsoft knew of IE flaw since September

The zero-day flaw in Internet Explorer was patched yesterday, but Microsoft has apparently known about the vulnerability for months.


Microsoft has admitted it knew about the flaws in Internet Explorer that led to the Google hack attacks since September.

The software company has claimed in a blog post it was set to release a patch to fix them in February but had to push this forward to yesterday due to the Google and China public revelations.

Advertisement - Article continues below

Jerry Bryant, a member of the Microsoft Security Response Centre (MSRC), said in the blog post: "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."

The flaw is an invalid pointer reference which gives cyber criminals the ability to perform remote code execution. Although it has so far only been proved to have happen on IE 6, the patch addresses all version of the popular browser.

Earlier this week both French and German governments warned citizens not to use the browser whereas the UK Cabinet Office told The Guardian: "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere."

More information about the patch can be found in Microsoft's security bulletin here.

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now


cloud backup

Google Backup and Sync review: That syncing feeling

17 Mar 2020

10 quick tips to identifying phishing emails

16 Mar 2020
mergers and acquisitions

Panda Security to be acquired by WatchGuard

9 Mar 2020
Google Android

Android 11 developer access arrives earlier than expected

20 Feb 2020

Most Popular

video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020