Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Submission + - Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates (

msm1267 writes: Microsoft’s monthly Patch Tuesday security updates released today did not include patches for Internet Explorer vulnerabilities used during the Pwn2Own contest one month ago.
The popular hacker contest attracted researchers from all over who were targeting all the major browsers, as well as third-party software such as Flash and Java. Companies such as VUPEN and MWR Labs were able to beat locked-down versions of IE 10 running on Windows 8 and Mozilla’s Firefox browser, as well as Chrome running on Windows. Unlike Mozilla and Google, both of which patched the flaws exploited during the contest within 24 hours, Microsoft had yet to update its browser. This has been compounded after last Thursday’s advanced notification that indicated a cumulative IE update was coming today.
“This puts them quite a bit behind other browsers that already patched their Pwn2Own bugs,” said Andrew Storms, director of security operations at nCircle.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Pwn2Own IE Vulnerabilities Missing from Microsoft Patch Tuesday Updates

Comments Filter:

The first rule of intelligent tinkering is to save all the parts. -- Paul Erlich