Microsoft IE zero-day vulnerability


Another IE Exploit Targeting Defense Industry Discovered

Another malicious website has been discovered hosting an exploit for the zero-day vulnerability Internet Explorer patched by Microsoft last week. This site, like the other exploits discovered, targets the defense and space industries, and is dropping an unknown payload, according to Barracuda Labs.

Microsoft Will Patch IE Zero-Day on Friday; Fixit Available as Stopgap

Microsoft announced last night it would issue an out-of-band patch on Friday for a zero-day Internet Explorer vulnerability disclosed earlier this week. In the meantime, Microsoft made a FixIt available on Wednesday that would temporarily mitigate the threat posed by active exploits found in the wild.The out-of-band patch will be available by 1 p.m. ET on Friday, said Yunsun Wee, director of Trustworthy Computing for Microsoft.


Microsoft issued a security advisory Monday night and recommended several workarounds to mitigate a zero-day vulnerability in Internet Explorer reported over the weekend that is being exploited in the wild. Microsoft said it is still investigating the vulnerability, and may issue an out-of-band security update to patch the problem, or wait until the next Patch Tuesday update Oct. 9.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.