Tag: Internet Explorer

Google: Better patching could have prevented 1 in 4 zero‑days last year

February 9, 2021

Vendors should fix the root cause of a vulnerability, rather than block just one path to triggering it, says Google. Google’s Project Zero team revealed that a quarter of zero-day exploits detected in 2020 could have been prevented had the vendors issued proper patches for the underlying security flaws. In its Year in Review bloggpost, the … More Google: Better patching could have prevented 1 in 4 zero‑days last year

Microsoft exposed 250 million customer support records

January 23, 2020

Databases containing 14 years’ worth of customer support logs were publicly accessible with no password protection. Over 250 million customer service and support records were exposed by Microsoft over a two-day period in December 2019 due to a server misconfiguration. Since the records weren’t secured with any authentication measures, anyone with an internet connection and … More Microsoft exposed 250 million customer support records

New Internet Explorer zero‑day remains unpatched

January 21, 2020

You may want to implement a workaround or stop using the browser altogether, at least until Microsoft issues a a fix. Microsoft has released a security advisory alerting users to an as-yet unpatched vulnerability in its Internet Explorer (IE) web browser that is being exploited in limited targeted attacks. The zero-day, which is tracked as CVE-2020-0674, is a … More New Internet Explorer zero‑day remains unpatched

Mozilla rushes out patch for Firefox zero‑day

January 10, 2020

The US cybersecurity agency warns that the critical vulnerability could allow attackers to take control of people’s computers. Mozilla has rolled out a new version of its Firefox web browser to address a critical zero-day vulnerability that has been abused for targeted attacks. Details about the flaw and its exploitation are rather sparse, however. What little is … More Mozilla rushes out patch for Firefox zero‑day

Microsoft issues patch for Internet Explorer zero‑day

November 15, 2019

The critical vulnerability could also be exploited via a malicious Microsoft Office document. Microsoft has shipped out a fix for a critical flaw in Internet Explorer (IE) that is being exploited in the wild. Tracked as CVE-2019-1429, the vulnerability is part of this month’s batch of regular security updates known as Patch Tuesday. The zero-day … More Microsoft issues patch for Internet Explorer zero‑day