A New Bug Has Been Found in Every Single Version of Internet Explorer
2014.04.28
Microsoft confirmed last night that a new zero day vulnerability has been found to affect every single version of Internet Explorer. That means, just about over a quarter of the entire browser market.
The vulnerabilities are largely targeting Ie versions 9, 10 and 11 in something called "use after free" attack. It corrupts data as soon as memory has been released. According to Microsoft:
The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Redmond is invetigating the issue and will have an out of cycle security patch to take care of the problem. In the meantime, steer clear away from Internet Explorer if you aren't already doing so. [Microsoft via Cnet]More Articles
Copyright © Fooyoh.com All rights reserved.