Serious Security Flaw Discovered in Internet Explorer

Asked By 10 points N/A Posted on -
qa-featured

There was a flaw discovered in IE and microsoft is going to release a patch next week ? Does anyone know what is that flaw about ? Where in IE it can be found?

SHARE
Answered By 0 points N/A #143918

Serious Security Flaw Discovered in Internet Explorer

qa-featured

Hello! Technical details about the exploit yet but the organizer of each of the PWN2OWN event for 5 years now, Aaron Portnoy said that the intruder – Stephen Fewer, founder of Harmony Security detour Internet Explorer’s protected mode. Protected Mode is Microsoft’s version of a sandbox technology that is designed to separate the browser from the rest of the computer and it’s operating system. PWn2OWN’s organizers report the exploit to the vendors and give them 6 months to come up with a fix of the problem before they release technical details of the said exploit. Microsoft is said to be soon releasing a patch for the exploit that its browser fell to.

Answered By 563960 points N/A #284345

Serious Security Flaw Discovered in Internet Explorer

qa-featured

Back in 2014, a serious flaw in Microsoft Internet Explorer was discovered which allows cyber criminals mimic known websites to steal user information. Microsoft cautioned that the flaw had already been used in “limited, targeted attacks” against networks and people using Microsoft Internet Explorer 6 up to 11.

The discovery of this flaw follows the discovery of one of the most vital vulnerabilities ever found in security software, the “Heartbleed bug”. Hackers used the Heartbleed bug to steal user passwords and other confidential data. A cyber security company called FireEye that specializes in tracking state-backed hackers said that attackers were actively using the flaw in a campaign they called “Operation Clandestine Fox”.

According to Symantec, they verified that the flaw crashes Microsoft Internet Explorer on Windows XP. This vulnerability was fixed with a security update on May 1, 2014. Earlier than that, in January 14, 2010, Microsoft released an advisory saying that attackers targeting Google and other United States companies used software that exploits a security hole which had already been patched. The following are the affected versions and operating systems:

  • Microsoft Internet Explorer 6 – Windows XP and Windows Server 2003
  • Microsoft Internet Explorer 6 Service Pack 1 – Windows 2000 Service Pack 4
  • Microsoft Internet Explorer 7 – Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008
  • Microsoft Internet Explorer 8 – Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 R2

Login/Register to Answer

Related Questions