Microsoft Patches IE, Admits It Knew of Bug Last August

Friday Jan 22nd 2010 by Staff

Microsoft has fixed the flaw that hackers exploited in the attack on Google and has acknowledged that an Isreali researcher reported the bug last summer.

Computerworld: As expected, Microsoft has released an emergency patch for the Internet Explorer vulnerability that Chinese hackers allegedly exploited in an attack on Google and other U.S. companies. In a blog post, Microsoft's Jerry Bryant revealed that the company had known about the problem for some time, writing, "As part of [our] investigation, we also determined that the vulnerability was the same as a vulnerability responsibly reported to us and confirmed in early September."

The man credited with spotting the vulnerability, Eyal Gruner of BugSec Security, declined to fault Microsoft for taking so long to release the patch, but he did say that he wasn't surprised hackers exploited the flaw. "We found this vulnerability very easily, and we didn't think it would be hard for others to find."

The security update also fixes seven other bugs in Internet Explorer.

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved