Microsoft confirms hackers exploiting critical IE bug, promises patch

Computerworld (US)

FRAMINGHAM – Microsoft on Monday issued a security advisory that confirmed in-the-wild attacks are exploiting an unpatched bug in Internet Explorer. The software maker is working on a fix. The advisory addressed the “zero-day” vulnerability — meaning it was discovered and exploited before a patch was available — that was found and disclosed by researcher Eric Romang over the weekend. On Monday, the Metasploit open-source penetration framework published an exploit module for the bug, putting pressure on Microsoft to act quickly.

Want to partner with IDG?

Click here to get started