In my last blog entry I talked about the consequences of Microsoft’s policy of releasing security updates only once a month. Is this encouraging exploit writers to release zero-day Microsoft exploits soon after a month’s Patch Tuesday to maximize the vulnerability’s window of exposure? Yesterday, on 24 Oct 2006, exploit code was released for a Microsoft Internet Explorer (IE) vulnerability. This proof-of-concept code could cause a denial-of-service (DoS) in IE. Avert Labs is investigating this exploit further.

Patch Tuesday next month falls on November 14. So this IE bug’s potential window of exposure is at least three weeks…