Users login

Create an account »


Users login

Home » Hacking News » IE zero day again

IE zero day again

by Nikola Strahija on April 26th, 2006 -Panic, but only slightly, says Michal Zalewski as he reveals yet another zero-day vulnerability of Microsoft Internet Explorer. The bug was given a highly critical rating, Redmond still dwells about a patch.

First published a few days ago on a Full disclosure mailing list, the vulnerability was described as a flaw in Internet Explorer that crashes the software when web sites with nested Object tags are visited.

Zalewski confirmed the flaw on a fully patched Windows XP with IE 6.0. Secunia gave the flaw a highly critical rating, stating that it could lead to remote code execution. Other security companies are scanning the web searching for possible exploits, none have been found so far.

MS is not talking about a patch, instead they are bothered by the way in which the flaw was published: -Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary, said the company's spokesperson.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »