Microsoft agreed to patch IE
Microsoft has changed its original decision and announced the release of an extraordinary patch covering the latest vulnerability in IE browser. The patch will appear in the coming days.
As you know, with the help of this hole was carried out a recent attack on Google and the sites of 33 other commercial companies (Operation Aurora). Last Thursday, the malicious code was published in the public domain , and exploits for IE6 were included in various hacking tools, including Metasploit. Experts warned that similar exploits will soon appear for both IE7 and IE8, but Microsoft representatives underestimated the threat and planned to include the patch only in the planned security update scheduled for February 9. For this reason, both Germany and France found it necessary to warn users about the dangers and urged them to stop using Internet Explorer.
An exploit for IE7 under Windows Vista (with DEP [data execution prevention] disabled) actually appeared this week, and there are even reports of an exploit for IE8 with DEP enabled (the code is not yet publicly available), so Microsoft was forced to admit the reality threats and change plans to release patches.
As you know, with the help of this hole was carried out a recent attack on Google and the sites of 33 other commercial companies (Operation Aurora). Last Thursday, the malicious code was published in the public domain , and exploits for IE6 were included in various hacking tools, including Metasploit. Experts warned that similar exploits will soon appear for both IE7 and IE8, but Microsoft representatives underestimated the threat and planned to include the patch only in the planned security update scheduled for February 9. For this reason, both Germany and France found it necessary to warn users about the dangers and urged them to stop using Internet Explorer.
An exploit for IE7 under Windows Vista (with DEP [data execution prevention] disabled) actually appeared this week, and there are even reports of an exploit for IE8 with DEP enabled (the code is not yet publicly available), so Microsoft was forced to admit the reality threats and change plans to release patches.
')
Source: https://habr.com/ru/post/81344/
All Articles