IBM Raises its Internet Threat Level to AlertCon 2 In what could arguably be just about the worse time of year for such a discovery, Microsoft has confirmed the existence of a zero day vulnerability that affects Internet Explorer versions 6, 7, and 8. The vulnerability is due to "the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated." Successful exploitation of this vulnerability could lead to the execution of remote code with the privileges of the user logged in. Microsoft has stated they are aware of active exploitation of this vulnerability in the wild. We also have confirmation that this exploit has already made its way into Metasploit, which means the exploit itself is likely to spread rapidly. Learn more by listening to our threat research team in this special podcast.
Microsoft | Internet Explorer | Security | Information Security | Cyber Security