Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IE Remote Code Execution Vulnerability Discovered

Posted by Unknown on from the luckily-has-zero-users dept.

An anonymous reader writes "Microsoft is investigating a new remote code execution vulnerability in Internet Explorer and preparing a security update for all supported versions of its browser (IE6, IE7, IE8, IE9, IE10, and IE11). The company has issued a security advisory in the meantime because it has confirmed reports that the issue is being exploited in a 'limited number of targeted attacks' specifically directed at IE8 and IE9."

6 of 63 comments (clear)

  1. Re:News for nerds? by Mitchell314 · · Score: 4, Insightful

    A commonly used program has a long running vulnerability. I would definitely say that's right up /.'s alley.

    --
    I read TFA and all I got was this lousy cookie
  2. Internet Explorer 6? by ArcadeMan · · Score: 3, Insightful

    Even Microsoft sent flowers to the mock funerals. And now they're digging out the grave to patch a corpse?

    --
    Get free satoshi (Bitcoin) and Dogecoins
    1. Re:Internet Explorer 6? by Anonymous Coward · · Score: 4, Interesting

      Even Microsoft sent flowers to the mock funerals. And now they're digging out the grave to patch a corpse?

      You can be pretty sure they would rather not have to work on it, but they've committed to supporting it until Spring 2014.

      They've made a rod for their own back with that one, but that's how it is.

      The really exciting bit will be when IE6 support finally does come to an end. I'd be willing to bet there are people who've found expoits but are holding back from using them until then. My bet is that anyone still using IE6 on the day of the last security patch will be hacked into oblivion by the end of that week.

  3. Pretty good in general by jones_supa · · Score: 3, Informative

    Things like this happen, but I have to say that these days Microsoft has mostly taped Windows together quite well. We don't anymore see sensational headlines like "Blaster worm infects millions of computers". So for the 6.x core things are way better than in the past. However the EOL'ing of Windows XP will probably zombify heaps of machines.

  4. Re:News for nerds? by Anonymous Coward · · Score: 4, Funny

    IE is very good browser these days. I'm not even joking.

  5. No sensational headlines? by hAckz0r · · Score: 3, Interesting
    That because the threat has changed. Now it's about botnets and making a long term profit, not just scaring people senseless. If the botnet is not completely stealth then it is not successful, and dies an early death. The current set of botnets are almost military grade software, out there waiting for the highest bidders line of work. The problem has not gone away, its just gone underground where only the most talented admins can even find or track them.

    .
    Botnet Command and Control map:
    https://www.shadowserver.org/wiki/pmwiki.php/Stats/BotnetMaps#botnet