diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Microsoft Announces “cross_fuzz, Internet Explorer’s 0-day” and More!

Microsoft announced that it’s investigating reports of a zero-day vulnerability impacting Internet Explorer. The issue has been detected using cross_fuzz, a browser fuzzing tool released by Google Researcher Michal Zalewski on January 1st, 2010.

Jerry Bryant notes that “neither Microsoft’s security researchers, nor Zalewski were capable of identifying any issues in IE using the initial version of cross_fuzz. However, this apparently changed on Dec’21,2010, with a version of the tool, reported information about a potentially exploitable crash found by the new version.

We immediately worked to reproduce the issue with the updated and original tool and are currently investigating it further to determine if it’s actually exploitable.

At this point, we’re not aware of any exploits or attacks for the reported issue and are continuing to investigate and monitor the threat environment for any changes,” Bryant explained.

“Security is an industry wide issue and Microsoft is committed to working with researchers and/or the companies who employ them, when they discover potential vulnerabilities and this case is no exception.

Working with software vendors to address potential vulnerabilities in their products before details are made public, reduces the overall risk to customers. In this case, risk has now been amplified. We’ll continue to investigate this issue and take appropriate action to help protect customers,” Bryant added.

More inforamation here.

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...