News: Googler's Internet Explorer Bug

[BlogDiva]

NEWS:
Security researchers have verified an Internet Explorer bug that sparked a face-off between Microsoft and a Google employee over events surrounding the publication of the vulnerability.

Thank goodness I use a Mac!!!

read more here: Researcher's Confirm Googler's Internet Explorer Bug

 

[djbaxter]

Just Google being Google. Chrome has it's own vulnerabilities (Google just patched a whole slew of them), as does Safari. Indeed, there is no 100% secure browser yet in production and it's doubtful there ever will be.

As for the current reported IE vulnerability, the key is the extent to which the rest of the system is vulnerable and even then it's reportedly not easy to exploit the vulnerability:

Researchers confirm Googler's Internet Explorer bug - Computerworld

"A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of a vulnerable system," said the French firm in an advisory published Wednesday.

Vupen said it confirmed the vulnerability and its exploitability in IE8 running on Windows XP Service Pack 3 (SP3), but believed it could also be leveraged on Windows Vista, Windows 7, Server 2003, Server 2008 and Server 2008 R2.

The security company rated the bug as "critical," its highest threat warning. In a follow-up tweet, Vupen said, "Reproducing was/is hard."