Security Firm Manages to Bypass Microsoft’s Internet Explorer Zero-Day Fix

Microsoft urgently needs to launch a security update

  The flaw exists in IE8 and older
Microsoft has recently confirmed a bug in Internet Explorer 8 and older that would allow attackers to take control of a vulnerable system; yet, instead of releasing a patch, the company only rolled out a one-click “Fix it” tool.

Microsoft has recently confirmed a bug in Internet Explorer 8 and older that would allow attackers to take control of a vulnerable system; yet, instead of releasing a patch, the company only rolled out a one-click “Fix it” tool.

Even though it was designed to help users configure their systems in a way that would allow them to stay on the safe side, security firm Exodus Intelligence says it has managed to bypass the fix and compromise a fully-patched system.

The security vendor has, of course, decided to give Microsoft some time to address the vulnerability, as the Redmond-based technology giant is currently working on the patch.

In addition, security company Avast revealed earlier today that approximately nine websites had been compromised in order to exploit the flaw, so Microsoft urgently needs to release an update.

Comments