Barney's Blog

Blog archive

IE Flaw Found and Exploited

A newly found IE zero-day flaw has been found, publicized and is now being exploited. And this is not the kind of story I like to report.

In walking through this news, I'm hoping you'll help me understand the logic and report back to me and the tens of thousands of Redmond Report readers by writing to dbarney@redmondmag.com.

On Monday Rapid7, a security firm, wasted no time in telling the world that IE 9 and a number of earlier versions had a flaw that impacted XP, Vista and Win 7. The attacks trick a user into clicking on a malicious Web site, giving the attacker access to elevated privileges.

Of course now hackers are exploiting the flaw which Microsoft, given the short notice, hasn't had time to fix.

Why on earth do security firms publicize flaws before they are fixed? To me this is totally irresponsible.

Tell me where I'm wrong or more likely right at dbarney@redmondmag.com. In the meantime, if I get hacked this way, I'll blame Rapid7.

Posted by Doug Barney on 09/19/2012 at 1:19 PM


Featured

  • Exchange Server June Cumulative Updates Arrive, But with Red Tape

    Microsoft released its quarterly cumulative updates (CUs) for Exchange Server 2013, 2016 and 2019 products this week, but added an extra step for IT pros to consider before installing them.

  • Moving an Old VM to a New Hyper-V Host

    So you want to know whether a Hyper-V virtual machine built on a legacy host will be supported by a newer server? There's a PowerShell command for that.

  • AI-Driven Solution Tracks Packets Through the Datacenter

    Datacenter solutions vendor Kaloom this week unveiled a new offering the company says will enable the development of "self-driving" datacenter networks.

  • Microsoft Previews Azure Bastion Service for Private VM Access

    Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.