[Geeks are Sexy] technology news

Wednesday, September 27, 2006

Microsoft releases fast patch for IE flaw

windowsOnly 8 days *ahem* after realizing that attackers were exploiting the latest unpatched Windows VML security flaw, Microsoft has finally decided to break its normal release schedule and publish a patch to fix this whole mess.

The patch fixes the flawed way in which Internet Explorer handles the Vector Markup Language (VML), a proposed standard for coding vector graphics into XML. Attacks using the flaw were detected eight days before the patch, on September 18, by Sunbelt Software, although other security companies may have independently discovered the issue. Over the weekend, attackers used another zero-day exploit--this time in a Web application known as cPanel--to compromise Web sites and send visitors to a rogue page that hosted the attack code.

Read more


  • And Firefox's usual known-exploit time is, what again? Oh that's right, ONE day. Even if Firefox has more holes than IE, at least they're not left wide open for over a week.

    By Blogger Mackenzie, at 11:25 AM  

Post a Comment

Links to this post:

Create a Link

<< Home