New IE Remote Code Execution Vulnerability Discovered 63
An anonymous reader writes "Microsoft is investigating a new remote code execution vulnerability in Internet Explorer and preparing a security update for all supported versions of its browser (IE6, IE7, IE8, IE9, IE10, and IE11). The company has issued a security advisory in the meantime because it has confirmed reports that the issue is being exploited in a 'limited number of targeted attacks' specifically directed at IE8 and IE9."
Re:Internet Explorer 6? (Score:4, Interesting)
Even Microsoft sent flowers to the mock funerals [theregister.co.uk]. And now they're digging out the grave to patch a corpse?
You can be pretty sure they would rather not have to work on it, but they've committed to supporting it until Spring 2014.
They've made a rod for their own back with that one, but that's how it is.
The really exciting bit will be when IE6 support finally does come to an end. I'd be willing to bet there are people who've found expoits but are holding back from using them until then. My bet is that anyone still using IE6 on the day of the last security patch will be hacked into oblivion by the end of that week.
No sensational headlines? (Score:4, Interesting)
Botnet Command and Control map:
https://www.shadowserver.org/wiki/pmwiki.php/Stats/BotnetMaps#botnet [shadowserver.org]