DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 18, 2021 
Main Menu
News archives

Who's Online
There are currently 178 people online.


Latest Reviews
ASUS ROG Strix B450-F Gaming Motherboard
Sonos Move
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse

Follow us

Zero-day exploit in Internet Explorer 10 remains unpatched

Posted on Thursday, April 11 2013 @ 11:09:45 CEST by

Microsoft logo
Bit Tech noticed that this month's Patch Tuesday update cycle from Microsoft did not fix a critical security vulnerability in Internet Explorer 10 that was discovered at last month's Pwn2Own competition at the CanSecWest security conference. The bug is a nasty one, it enables hackers to take control of a fully-patched Windows 8 system by loading a specially crafted webpage in Internet Explorer 10. It's unknown when Microsoft plans to fix this bug, but unless the company releases an out-of-cycle patch, the second Tuesday of May is the soonest date we could see a fix.
Microsoft's Internet Explorer 10 running on a fully-patched Windows 8 installation was one of the browsers to fall victim to security researchers at the annual Pwn2Own competition, held at the CanSecWest security conference. Using a previously-undetected flaw in IE10, security firm Vupen was able to take control of the system - and, in doing so, found itself $100,000 in prize money richer.
As part of the contest rules, Vupen was required to disclose details of the vulnerability to Microsoft without making it public until the company had a chance to patch the flaw - a distinct departure from the company's usual tactic of selling zero-day exploit details for profit. Accordingly, it was expected that this month's Patch Tuesday update release would include a fix for the flaw - something Microsoft desperately needs to do, given the seriousness of the flaw and the fact that its rivals in the browser market have already patched their own Pwn2Own vulnerabilities.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2021 DM Media Group bvba