Microsoft Stalls On Vast Explorer Exploit

KingFishKingFish
edited November 2004 in Science & Tech
Microsoft is stalling requests for more information on the "extremely critical" security hole in Internet Explorer, discovered on Monday.
The problem has escalated thanks to the appearance of exploit code on public security lists, but the software giant claimed late Thursday that it could not comment as it had not yet seen the malicious code. That explanation is extremely unlikely given the fact that it was posted at 2am GMT on Tuesday on the very well-known security list Full Disclosure by the man publicly credited with finding the flaw - Berend-Jan Wever. However, the CTO of Danish security company Secunia, Thomas Kristensen, told Techworld on Friday morning that it is now in discussion with Microsoft over how to sort out the hole. Secunia had earlier posted an advisory on the vulnerability. Microsoft is clearly concerned about the significant hole since it can allow someone to run their own code on a machine and potentially seize control of your PC. So it is keeping quiet until a patch is produced. It has suggested that it may do an out-of-cycle security update just for the hole.
Source: TechWorld

Comments

Sign In or Register to comment.