Hot on HuffPost Tech:

See More Stories
Free Switched iPhone app - try it now!
AOL Tech

Microsoft knew of critical IE flaw used in Google attack 5 months ago

Microsoft has already fessed up -- admitting that a vulnerability in Internet Explorer was a key component in the Chinese attacks on companies including Google and Yahoo. Today, a post at Wired revealed some very disappointing news: Microsoft knew about the exploit as far back as September of 2009.

Microsoft's senior security officer Jerry Bryant had this to say: "Our investigation into this responsibly reported vulnerability began early September...We became aware of the recent attacks in mid January and as part of our investigation determined the vulnerability being used in these attacks was similar to the one investigated in September."

Apparently the official plan from Redmond was to patch the hole in a cumulative update this February -- a full six months after it was discovered. In the wake of the attacks, however, they were forced into action and released an out-of-band patch for IE.

What's your take on this news?

Six months seems like an extremely long time to make millions of customers wait for you to release a patch to a flaw which is considered to pose a severe risk.

Most of our users have already made the switch - maybe it's time for the rest of the world to look at an alternative browser.

Tags: exploit, flaw, internet explorer, InternetExplorer, security, vulnerability

Comments

11