Microsoft Critical Internet Explorer (IE) Bug: An admission

Yesterday, Microsoft confirmed that they had known about a critical bug behind widespread attacks of Internet Explorer (IE) more than a year ago. After this shocking admission, Microsoft still defended it security process to its critics.

Mike Reavey, Microsoft’s Security Response Center (MSRC) director, had said that they received word of this critical flaw with its ActiveX control in the spring of 2008. Computer World explains that the bug can exploit IE6 and IE7 running on Windows XP.

Microsoft has yet to offer a real patch for the vulnerability, but they will have to do this at some point. It is not certain if this patch will be offered out-of-cycle, this is normally once a month. We will update you and let you know once this update is ready.