IE Zero-Day Threat Prompts Response from Microsoft Critical Zero-Day Flaw Revealed in IE at Black Hat Stuart J Johnston
Research presented at the annual Black Hat security conference has exposed a critical zero-day flaw in Internet Explorer, and Microsoft is now warning its users to take steps to protect themselves. eSecurity Planet takes a look at the extent and severity of the flaw.
Microsoft is warning users to protect themselves from a zero-day bug in Internet Explorer (IE) after it was disclosed Wednesday at the Black Hat hacking and security conference.
The announcement came just a day before Microsoft provides advance notice regarding what bugs will be fixed on next week's Patch Tuesday.
Although Microsoft didn't initially mention the Black Hat D.C. security conference taking place outside of Washington as the source of the bug's unveiling, a company spokesperson confirmed that its Security Advisory was a response to Core Security's presentation at the event. During the presentation, researcher Jorge Luis Alvarez Medina discussed security holes in IE that could impact users of older Windows operating systems.
"Microsoft is aware of the presentation at Black Hat … which describes proof-of-concept code on an information disclosure vulnerability in Internet Explorer," a Microsoft spokesperson told InternetNews.com in an e-mail. "This affects customers running Windows XP or who have disabled Internet Explorer Protected Mode."
