Monday, March 27, 2006

Attacks on Unpatched IE Flaw Escalate

Yes, Microsoft does have a tendency to downplay the seriousness of critical flaws at times...

Brian Krebs writes on Security Fix:

More than 200 Web sites -- many of them belonging to legitimate businesses -- have been hacked and seeded with code that tries to take advantage of a unpatched security hole in Microsoft's Internet Explorer Web browser to install hostile code on Windows computers when users merely visit the sites.

In an update to its Security Response Web log, Microsoft security program manager Stephen Toulouse said the attacks Redmond is seeing against the IE flaw "are limited in scope for now and are being carried out by malicious Web sites."

I have to call Microsoft out on both counts, and I think some of what I've uncovered so far about these attacks should make it clear that the situation is serious and getting worse by the hour.

More here.

posted by Fergie @ 3/27/2006 06:26:00 AM

0 Comments:

Post a Comment

<< Home