We do know that the recent Zero Day exploit in Internet Explorer was patched by Microsoft (albeit this is but a temporary measure), but there are rumors going around that Microsoft was aware concerning this exploit for a good 7 weeks prior, and for a company of their size and stature to not do anything about it nor release a statement of caution to the masses reeks of irresponsibility – assuming that the rumors are true, of course.
An online source as reported by Gregg Keizer, said “Microsoft may have known about last week’s Internet Explorer (IE) zero-day bug for some time.” The security bulletin saw Microsoft issue thanks to “an anonymous researcher, working with TippingPoint’s Zero Day Initiative, for reporting the execCommand Use After Free Vulnerability ( CVE-2012-4969).” Assuming that the latest report was CVE-2012-4969, one can then make the inference that Microsoft was already aware of the IE Zero Day exploit for over seven weeks before Eric Romang, the researcher who announced the discovery of the exploit on a hacker-controlled server, did so in the middle of September. Juicy stuff, but rumors remain as just that until they are substantiated by cold, hard facts.
- 2014-04-14: Microsoft Is "Done" With The Scroogled Campaign
- 2014-04-14: 21% Of Windows XP Users Weren't Aware Of Support Cutoff [Survey]
- 2014-04-14: Microsoft Updates Office Online With Tell Me, Commenting And More
- 2014-04-14: Windows Phone 8.1 Preview Version Revealed
- 2014-04-14: Microsoft Product Codenames Leaked For June-July Release
- 2014-03-02: Internet Explorer 11 Is Number 2 Desktop Browser Used In The World
- 2013-11-06: Microsoft's Anime-Inspired Internet Explorer Ad Is Fun To Watch
- 2013-07-11: Microsoft's New Internet Explorer Ad Wants You To Forget The Old IE
- 2013-07-02: Microsoft's Nokia Music Mix Party Let's Your Friends Become Virtual DJs [Video]
- 2013-06-19: Microsoft Offers $100,000 Bounty For Someone Who Can Find Windows 8.1 Exploits