Microsoft IE zero-day Exposed by HP
Page 1 of 1
There is a new zero-day vulnerability for Microsoft's Internet Explorer Web browser that could potentially be leaving millions of users at risk. Unlike most zero-days, which are typically disclosed by researchers who have discovered an attack in progress, this IE zero-day is being disclosed by Hewlett-Packard. Going a step further, unlike many zero-day vulnerabilities, the new IE flaw was actually first reported to Microsoft more than 180 days ago and still hasn't been fixed.
The vulnerability is technically known as CVE-2014-1770, and HP first privately disclosed it to Microsoft on Nov. 11, 2013.