Still Unpatched IE Security Hole Raises Concern

Still Unpatched IE Security Hole Raises Concern

UPDATE:

October 08, 2013, 4:18 PM — As anticipated, the latest round of Microsoft’s Patch Tuesday monthly release of security fixes addresses a widely known Internet Explorer (IE) vulnerability already being exploited by malicious hackers.

Overall, for October’s bundle of software patches, Microsoft issued eight bulletins covering 26 vulnerabilities. Microsoft rated four of the bulletins as critical and the other four as important.–By Joab Jackson, IDG News Service

Microsoft Security Bulletin Summary for October 2013

http://technet.microsoft.com/en-us/security/bulletin/ms13-oct

An unpatched vulnerability in Microsoft’s Internet Explorer is raising great concern for users of all versions of the popular browser.

The exploit – called CVE-2013-3893 was announced by Microsoft on Sept 17th.

(Microsoft) released a temporary “Fix It” tool that customers can download and install to address the flaw, but no permanent patch has been released through Windows Update.

The vulnerability affects all versions of Internet Explorer and can be exploited to execute arbitrary code on computers when IE users visit a specially crafted Web page hosted on a malicious or compromised website.

Microsoft’s next batch of security updates is scheduled for Oct. 8, but it’s not clear if the company will issue a permanent patch for this particular vulnerability at that time.

http://www.pcworld.com/article/2051160/public-release-of-ie-exploit-could-spark-widespread-attacks.html

Internet Explorer exploit release could trigger a surge in attacks
While Microsoft has yet to issue a permanent patch for a known exploit, the code could become widely available to cybercriminals after being integrated into an open-source testing tool.
http://news.cnet.com/8301-1009_3-57605601-83/internet-explorer-exploit-release-could-trigger-a-surge-in-attacks/

CVE-2013-3893: Fix it workaround available

http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles