Barney's Blog

Blog archive

Patch Tuesday Leads to Attack Wednesday

A day after Microsoft publicly fixed 28 holes (including four Internet Explorer flaws), a researcher found that hackers already have an attack for IE 7.

The exploit delays the processing of XML tags, can crash the browser (though IE and Firefox do a great job of crashing on their own, at least on my aging Latitude D520) and can then inject malicious code upon browser restart.

There may well be a fresh patch to beat back these attacks. We'll keep you posted.

Posted by Doug Barney on December 11, 2008 at 11:53 AM