Today's Tech News and Reviews

Microsoft Missed an Internet Explorer Bug Which is Now Being Exploited


Internet Explorer 10

Recently in this month’s “Patch Tuesday”, Microsoft addressed a number (24) of security holes and bugs in Internet Explorer. However, they seemed to have missed one that is affecting Internet Explorer (IE) 10 which attackers are currently exploiting all over.

The attack takes advantage of a “Use-After-Free” memory corruption flaw in Internet Explorer 10, which enables them to abuse the memory space from allocated program space. They do this via a “watering-hole attack” ¬†which attacks users when they visit legitimate websites, one of which being the U.S. Veterans of Foreign War (by infecting the legitimate website).

It is considered a zero-day bug, referred to as “CVE-2014-0322” and Microsoft has responded explaining that they are aware of this and are actively working on a patch. Until the patch is made available via the next round of updates, users can be pro-active themselves by upgrading to the newer IE 11, as the attack only targets IE 10.


About Author


Designer, Editor and Reviewer for Poc Network, ProAudio and Mobile Nations.

James enjoys spending most of his time as an audio engineer and technician for the live music industry when he isn’t running around the office here juggling an intense workload. He can also be found frequently in the nearby mountainous ranges, scrambling rocks and rappelling down large sections.

Leave A Reply