Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates->

Submitted by msm1267
msm1267 (2804139) writes "Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago.
The popular hacker contest attracted researchers from all over who were targeting all the major browsers, as well as third-party software such as Flash and Java. Companies such as VUPEN and MWR Labs were able to beat locked-down versions of IE 10 running on Windows 8 and Mozilla’s Firefox browser, as well as Chrome running on Windows. Unlike Mozilla and Google, both of which patched the flaws exploited during the contest within 24 hours, Microsoft had yet to update its browser. This has been compounded after last Thursday’s advanced notification that indicated a cumulative IE update was coming today.
“This puts them quite a bit behind other browsers that already patched their Pwn2Own bugs,” said Andrew Storms, director of security operations at nCircle."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates

Comments Filter:

Oh, so there you are!