Microsoft Says Upgrade To IE8, Even Though It's Vulnerable

Posted by CmdrTaco on Monday January 18, 2010 @02:33AM from the oh-we'll-fix-it-eventually dept.

Barence writes "Microsoft has issued a statement urging people to upgrade their browser to IE8, after the zero-day exploit that was used to attack companies such as Google went public. According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7."

2 of 279 comments (clear)

Min score:

Reason:

Sort:

Marketing must be pleased by webdog314 · 2010-01-18 02:42 · Score: 5, Funny

Software Engineer: "It's a complete mess... The vulnerability is present in IE6, 7, and 8 and it won't be an easy fix."
Marketing Shill: "Excellent! Now they've no reason not to upgrade to IE8. Get out a Security Advisory at once!"
Re:well done Google by ElSupreme · 2010-01-18 02:54 · Score: 3, Funny

Yeah use our cool browser that reports almost all of you browsing back to us. We won't be evil, we promise!

--
My addiction: Arguing with idiots. AKA Slashdot!