When The 'Fix It' Doesn't Fix It - Blog

Microsoft issued an emergency fix for a zero-day IE bug that allows for remote code execution. Researchers found they could bypass the fix-it Microsoft issued last week in response to active “watering-hole” attacks exploiting IE 8. Microsoft is aware of the researchers’ findings, but it is still recommending that users apply the fix. IE 9 and IE 10 don’t include the bug, which some researchers say is a “use-after-free” vulnerability. “This seems like a bad fix,” says Veracode’s Chris Wysopal, CTO.”]

Source: https://www.darkreading.com/attacks-breaches/when-the-fix-it-doesn-t-fix-it

When The ‘Fix It’ Doesn’t Fix It

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

Intel Confirms Unauthorized Access of Earnings-Related Data

RSA: Geolocation shows just how dead privacy is

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Categories

Partners

Just add here your partners image or promo text