Microsoft knew of IE flaw since September

The zero-day flaw in Internet Explorer was patched yesterday, but Microsoft has apparently known about the vulnerability for months.


Microsoft has admitted it knew about the flaws in Internet Explorer that led to the Google hack attacks since September.

The software company has claimed in a blog post it was set to release a patch to fix them in February but had to push this forward to yesterday due to the Google and China public revelations.

Jerry Bryant, a member of the Microsoft Security Response Centre (MSRC), said in the blog post: "As part of that investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."

The flaw is an invalid pointer reference which gives cyber criminals the ability to perform remote code execution. Although it has so far only been proved to have happen on IE 6, the patch addresses all version of the popular browser.

Advertisement - Article continues below
Advertisement - Article continues below

Earlier this week both French and German governments warned citizens not to use the browser whereas the UK Cabinet Office told The Guardian: "it doesn't think the issue [of being open to hacking] would be resolved any better by going elsewhere."

More information about the patch can be found in Microsoft's security bulletin here.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


cloud computing

Google adds partners to real-time translation tools

8 Jan 2020

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019
search engine optimization (SEO)

Google is getting worse as it does more

21 Dec 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020