Friday, January 7, 2011

IE zero-day bug leads to squabble between Microsoft, researcher

MS, you are a big damn baby!


IE zero-day bug leads to squabble between Microsoft, researcher: "Microsoft is accusing Zalewski of increasing the risk to IE users—the company says attackers may find a way to exploit the flaw before a patch can be tested and distributed. Zalewski insists that Microsoft knew about the flaw and his plan to release in January for more than six months, however, and did nothing until it was almost too late."
Posted by at No comments:

US-CERT Current Activity

Yet another reason to move on to other technologies!

US-CERT Current Activity: "Microsoft Internet Explorer 8 use-after-free Vulnerability

added January 7, 2011 at 08:27 am
US-CERT is aware of a vulnerability affecting Microsoft Internet Explorer 8. This vulnerability is due to improper handling of circular memory references. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the user or cause a denial-of-service condition."
Posted by at No comments:
Subscribe to: Posts (Atom)