[ISN] Microsoft patches final Pwn2Own IE bug

From: InfoSec News <alerts_at_private>
Date: Thu, 11 Aug 2011 04:39:27 -0500 (CDT)
http://www.computerworld.com/s/article/9219081/Microsoft_patches_final_Pwn2Own_IE_bug

By Gregg Keizer
Computerworld
August 10, 2011

Microsoft on Tuesday patched the last vulnerability in Internet Explorer 
(IE) used by a researcher in March to win $15,000 at the annual Pwn2Own 
hacking contest.

The company had patched IE twice before to quash bugs exploited by 
Stephen Fewer of Harmony Security to bring down IE8 on Windows 7 at 
Pwn2Own. For his efforts, Fewer was awarded a cash prize of $15,000 and 
a Sony notebook.

Fewer chained three exploits, each for a different vulnerability, to 
bypass IE's sandbox, called "Protected Mode," and compromise IE8. 
Pwn2Own sponsor HP TippingPoint called the feat "impressive" at the 
time.

Microsoft patched the third IE bug in a multiple-flaw update to its 
browser, part of a 13-bulletin collection.

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Thu Aug 11 2011 - 02:39:27 PDT

This archive was generated by hypermail 2.2.0 : Thu Aug 11 2011 - 02:35:09 PDT