Barney's Blog

Blog archive

IE Flaw Found and Exploited

A newly found IE zero-day flaw has been found, publicized and is now being exploited. And this is not the kind of story I like to report.

In walking through this news, I'm hoping you'll help me understand the logic and report back to me and the tens of thousands of Redmond Report readers by writing to [email protected]

On Monday Rapid7, a security firm, wasted no time in telling the world that IE 9 and a number of earlier versions had a flaw that impacted XP, Vista and Win 7. The attacks trick a user into clicking on a malicious Web site, giving the attacker access to elevated privileges.

Of course now hackers are exploiting the flaw which Microsoft, given the short notice, hasn't had time to fix.

Why on earth do security firms publicize flaws before they are fixed? To me this is totally irresponsible.

Tell me where I'm wrong or more likely right at [email protected] In the meantime, if I get hacked this way, I'll blame Rapid7.

Posted by Doug Barney on 09/19/2012 at 1:19 PM


Featured

  • Salesforce Buying Slack for $27 Billion To Bolster CRM Solution

    Salesforce on Tuesday announced the purchase of collaboration software-maker Slack for an estimated $27.7 billion.

  • Dark City Illustration

    The Night the Lights Went Out in the Cloud: Lessons from the AWS Outage

    Last week's AWS outage that broke the Internet showed how critical it is to build applications that can withstand transient failure. Here's what you need to know to design a resilient cloud app (and it doesn't involve multicloud).

  • 5 Steps To Fix Windows Indexing Problems

    The Windows indexing feature doesn't always deliver the correct results of a file search. Here are five troubleshooting steps you can take whenever Windows indexing acts up.

  • Microsoft Adding Simpler Microsoft 365 Admin Center Option for Small Businesses

    The Microsoft 365 Admin Center, used for setting up and managing various Microsoft services, is getting a more lightweight interface designed for "very small businesses," according to a Tuesday Microsoft announcement.

comments powered by Disqus