Microsoft says it plans to fix a six month old bug in Internet Explorer 8 that allows attackers to hijack your rig just by visiting a compromised site.
First of all, what was published is an advisory, not an exploit. The advisory contains *some* details about the bug, but rest assured, it won’t be easy reproduce the vulnerability based on the advisory alone. In other words, what has been disclosed is the fact that there’s a bug in IE and that it has not been patched (yet) after 180 days.
Posts
