Microsoft Rocked by New IE Zero-Day Flaw Warning

Barely two weeks after shipping an Internet Explorer security makeover to cover a wave of drive-by malware downloads, Microsoft is scrambling to address the public disclosure of a new zero-day vulnerability that could be used in code execution attacks. The Redmond, Wash. software maker confirmed it was investigating a warning posted on the Full-disclosure mailing list that the latest versions of IE causes various types of crashes when visiting Web pages with nested OBJECT tags.

A spokesman for Microsoft said the initial investigation has revealed that the bug would most likely result in the browser closing unexpectedly or failing to respond. "Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary."

View: The full story
News source: eWeek

Previous Story
Microsoft To Ship Longhorn Server In Second Half Of 2007
Next Story
Microsoft Shares Updated Windows Mobile Timeline