IE Becoming Worthless – Microsoft Warns of Yet Another Serious Flaw

This “zero day” vulnerability affects Internet Explorer (IE), users whose computers run the XP or Windows Server 2003 operating system (OS), and affects a part of IE used to play video. See the Zero Day Initiative disclosure policy here.

This vulnerability was discovered by Peter Vreugdenhil who informed Microsoft of this vulnerability on January 26, 2009 and finally prompted Microsoft’s public disclosure (Microsoft Security Bulletin MS09-019 – Critical), first on June 9, 2009.

Thousands of random web sites have been hacked over the past 6 months in which this malicious software that exploits the un-patched IE vulnerability has been setup by various hackers. Innocent people are then lured to these infected sites after clicking on a link in spam e-mail. Currently Mozilla’s popular Internet browser – Firefox , or Opera, or Google Chrome, or Safari are NOT affected.

A coherent and inquisitive mind has to challenge Microsoft’s legitimate business motives when they knew about this serious IE flaw “BEFORE” IE 8 was released, but did NOT fix it!

Is off-shore out-sourcing the problem?
Is this extreme lag time between when a security flaw is first discovered (usually by 3rd party sources like Zero Day Initative), and the paying consumers becoming informed of the problem, much less the problem getting a legitimate fix – an issue of off-shore out-sourcing to places like India that does $84 Billion of IT outsourcing annually. Some speculate that this equates to over $220 Billion in transferred U.S. dollars off-shore “annually” in the IT business sector alone…

The Microsoft India Development Center (MSIDC) – Hyderabad, India

Affected Microsoft Software

There currently is NOT an official patch offered by Microsoft. See complete story here.

No related articles.