June 12, 2012

On Patch Tuesday, Microsoft warns of zero-day attacks in IE

Separate of the patches it released, Microsoft on Tuesday warned of attacks underway that are targeting a zero-day vulnerability residing in XML Core Services, according to an advisory. The exploits are being launched against Internet Explorer users by tricking them, usually through a legitimate-looking email or instant messenger conversation, to visit a malicious website. Microsoft does not have a patch for the vulnerability, but as part of the advisory, it issued what Microsoft officials call "an effective workaround that stops would-be attackers from taking advantage of the issue via Internet Explorer."
Related Articles
Related Topics

More in News

Operators again revive Pushdo botnet, use a popular tactic to stay hidden ...

Botnet operators are using a domain-generation algorithm to conceal their command-and-control center. And once they knew security researchers were on to their tricks, they got even slicker.

Mac spyware discovered on Angolan dissident's computer at Oslo Freedom Forum

Mac spyware discovered on Angolan dissident's computer at ...

Security researchers are studying an apparent new strain of Mac malware that turned up on the computer of a participant at the just-concluded Oslo Freedom Forum, an annual human rights ...

Judge in London sentences LulzSec members

Judge in London sentences LulzSec members

The sentences range from 20 to 32 months, with none of the defendants likely to serve the full time. There has been no formal request to extradite the U.K. men ...