Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

+ - Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates->

msm1267 writes: Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago.
The popular hacker contest attracted researchers from all over who were targeting all the major browsers, as well as third-party software such as Flash and Java. Companies such as VUPEN and MWR Labs were able to beat locked-down versions of IE 10 running on Windows 8 and Mozilla’s Firefox browser, as well as Chrome running on Windows. Unlike Mozilla and Google, both of which patched the flaws exploited during the contest within 24 hours, Microsoft had yet to update its browser. This has been compounded after last Thursday’s advanced notification that indicated a cumulative IE update was coming today.
“This puts them quite a bit behind other browsers that already patched their Pwn2Own bugs,” said Andrew Storms, director of security operations at nCircle.

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates

Comments Filter:

I've never been canoeing before, but I imagine there must be just a few simple heuristics you have to remember... Yes, don't fall out, and don't hit rocks.

Working...