Google Discloses An Unpatched Flaw in Internet Explorer, Edge

IT | Mar 17, 2017 | Master3395

The Project Zero from Google has disclosed some potentially serious vulnerability in the Microsoft’s Internet Explorer and Edge web browsers before the company could release the patches.

The details about this flaw and the proof-of-concept (PoC) code are made public last week by the Google Project Zero researcher Ivan Fratric after the Microsoft failed to meet 90-day disclosure deadline.

The security loophole which is tracked as CVE-2017-0037 was described with a high severity type confusion. By exploiting the vulnerability, an attacker can crash the browser and moreover, arbitary code execution is also possible.

This is Microsoft’s second unpatched vulnerability in a their product disclosed by the Google Project Zero this month. Earlier, researcher Mateusz Jurczyk has released various details of a vulnerability with medium severity information and it is a disclosure flaw tracked as CVE-2017-0038.

In addition to these, there is also an unpatched denial-of-service (DoS) flaw in the Windows which is caused by how the SMB traffic is handled inside.

Microsoft has only released the patches for the Adobe Flash Player this month and postponed its February 2017 updates to March 14  of this year due to an unknown “last minute issue.” It is possible that the three vulnerabilities that are affecting Windows and the browsers are supposed to be fixed by these delayed security updates.

The Microsoft on last month has claimed that the security mechanisms in the Windows 10 can block exploitation of a zero-day vulnerability even before the patches are made available for public. As an example the company provided two flaws exploited in sophisticated attacks against organisations in South Korea and the United States before fixes could be released.

Keywords: google, microsoft, Internet Explorer, Edge

Author: Master3395


comments powered by Disqus

Page 1 of 429  >  >>

When will it end? Now there are problems with the batteries as well


Aug 22, 2019 | Category: General | Comments

Surface is already struggling with CPU and WiFi.

read more…

Apple TV launches in November for $ 10 a month


Aug 21, 2019 | Category: Microsoft | Comments

At the same time increases the budget for original content.

read more…

US companies have 90 days to end Huawei cooperation


Aug 20, 2019 | Category: General | Comments

But that's not to be kind to Huawei.

US authorities have decided to allow US companies to do business with Huawei a little longer. Just as Reuters reported yesterday.

read more…

Page 1 of 429  >  >>