DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
December 11, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 68 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Zero-day exploit in Internet Explorer 10 remains unpatched

Posted on Thursday, April 11 2013 @ 11:09:45 CEST by


Microsoft logo
Bit Tech noticed that this month's Patch Tuesday update cycle from Microsoft did not fix a critical security vulnerability in Internet Explorer 10 that was discovered at last month's Pwn2Own competition at the CanSecWest security conference. The bug is a nasty one, it enables hackers to take control of a fully-patched Windows 8 system by loading a specially crafted webpage in Internet Explorer 10. It's unknown when Microsoft plans to fix this bug, but unless the company releases an out-of-cycle patch, the second Tuesday of May is the soonest date we could see a fix.
Microsoft's Internet Explorer 10 running on a fully-patched Windows 8 installation was one of the browsers to fall victim to security researchers at the annual Pwn2Own competition, held at the CanSecWest security conference. Using a previously-undetected flaw in IE10, security firm Vupen was able to take control of the system - and, in doing so, found itself $100,000 in prize money richer.
/
As part of the contest rules, Vupen was required to disclose details of the vulnerability to Microsoft without making it public until the company had a chance to patch the flaw - a distinct departure from the company's usual tactic of selling zero-day exploit details for profit. Accordingly, it was expected that this month's Patch Tuesday update release would include a fix for the flaw - something Microsoft desperately needs to do, given the seriousness of the flaw and the fact that its rivals in the browser market have already patched their own Pwn2Own vulnerabilities.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba