Your IT Support Experts - Homepage

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(703) 359-9211

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

  • You are here:  
  • Home /
  • Blog /
  • Trey Cunningham /
  • Internet Explorer 8 Zero-Day Vulnerability Found, but Not Patched

Macro Systems Blog

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.
Categories
Tags
Categories:   All Categories
Suggested keywords
x

Internet Explorer 8 Zero-Day Vulnerability Found, but Not Patched

b2ap3_thumbnail_vulnerability_microsoft_400.jpgWith the world still on edge about the recent vulnerability found in most versions of Internet Explorer, another one has been discovered, this time in Internet Explorer 8. This bug allows a hacker to execute malicious code when a user opens an infected email or webpage.

However, this vulnerability is different than the one previously discovered and patched (even for Windows XP), in that Microsoft hasn't issued a patch for this one.

The bug was discovered in October 2013 by HP's Zero-Day Initiative (ZDI), which rewards individuals for locating and reporting bugs and vulnerabilities. The policy put into place by ZDI is that it handles the disclosure of the threat to the vendor, and then keeps quiet for 180 days, providing the company ample time to provide a patch for the issue.

However, it seems like 180 days wasn't enough this time. Microsoft confirmed the bug existed in February, but hasn't included a patch for the flaw in any of the Patch Tuesdays since.

Internet Explorer 8 was the newest version to be compatible with the recently cut-off Windows operating system, Windows XP. It is also used on Windows Vista and Windows 7, as well as Windows Server 2003, 2008, and 2008 R2.

According to ZDNet, Microsoft hasn't been able to locate any attacks exploiting the vulnerability at this time. ZDI's technicians have described how the bug works: "By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process."

All that this series of vulnerabilities indicates is an increasing need for Internet security and monitoring. As a business owner, you need more than just vigilance and good faith to keep your company's clients protected. Macro Systems can provide your business with that.

We won't wait 180 days to inform you that there is a vulnerability in your system, or that it has been exploited. We'll monitor your system and keep it as safe as possible from virtual attacks. Whether they happen or not, you can rest easy knowing that your system is in good hands. Call Macro Systems today at 703-359-9211 and we'll discuss ways you can combat this new string of vulnerabilities.

Tags:
Microsoft Security Privacy
Make Your Chromebook Shine With These Two Easy Tip...
Tomorrow Never Downloads: Protecting Your Database...

About the author

Trey Cunningham

Trey Cunningham

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses

Author's recent posts

More posts from author
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, April 19, 2024

Captcha Image

Customer Login

News & Updates

Contact Us

Learn more about what Macro Systems can do for your business.

(703) 359-9211

Macro Systems
3867 Plaza Drive
Fairfax, Virginia 22030

 Login | Register