Microsoft knew of IE flaw since September
The zero-day flaw in Internet Explorer was patched yesterday, but Microsoft has apparently known about the vulnerability for months.
The software company has claimed in a blog post it was set to release a patch to fix them in February but had to push this forward to yesterday due to the Google and China public revelations.
Jerry Bryant, a member of the Microsoft Security Response Centre (MSRC), said in the blog post: "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."
The flaw is an invalid pointer reference which gives cyber criminals the ability to perform remote code execution. Although it has so far only been proved to have happen on IE 6, the patch addresses all version of the popular browser.
Earlier this week both French and German governments warned citizens not to use the browser whereas the UK Cabinet Office told The Guardian: "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere."
More information about the patch can be found in Microsoft's security bulletin here.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now