IE 0Day Actively Being Exploited

As it turns out, even with the 24 fixed vulnerabilities in Microsoft’s February Patch Tuesday update, Microsoft still missed at least one. There is now an actively exploited zero-day attack against a vulnerability in IE.

“Microsoft is aware of targeted attacks against Internet Explorer, currently targeting customers using Internet Explorer 10,” Microsoft wrote in an email to eWEEK. “We are investigating and we will take action to help protect customers.”

Security vendor FireEye first publicly reported the zero-day on Feb. 13. The zero-day is being used in what is known as a “watering-hole” attack, where visitors to a legitimate site are being compromised.

Read the full story at eWEEK:
Microsoft IE Zero Day Exploited in the Wild

Sean Michael Kerner is a senior editor at Follow him on Twitter @TechJournalist.

News Around the Web