Internet Explorer flaw now exploited in the wild

Posted on Wednesday, October 02 2013 @ 12:50 CEST by Thomas De Maesschalck
Microsoft logo
ARS Technica reports a critical vulnerability in all versions of Internet Explorer just went mainstream as exploit code became part of a new module for the Metasploit exploit framework on Monday. Microsoft issued a temporary fix for the exploit two weeks ago, but it's still unknown when the firm will do an automatic roll-out of a permanent patch.
Monday's release of a module for the Metasploit exploit framework used by security professionals and hackers could broaden the base of attackers who are capable of targeting the flaw. Until now, the bug has been known to be exploited in only a handful of highly targeted attacks aimed mostly at workers in Japanese government agencies and manufacturers. While the attack code has been available to anyone who knows where to find it, its inclusion in the open-source Metasploit could make it easier for some people to use.

Microsoft issued a temporary fix for the browser two weeks ago. The company, which is scheduled to release its next batch of security updates on October 8, hasn't said when it will issue a permanent patch.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments