Microsoft has advised Internet Explorer (IE) 8 browser users to upgrade to a newer version to dodge a new zero-day security vulnerability, first discovered last October, until the vendor issues a patch to correct the flaw.



From The VAR Guy:

Microsoft was advised last October of the security flaw, which enables remote cyberattackers to take control of a user’s computer, according to Hewlett-Packard’s (HPQ) Zero Day Initiative (ZDI). Researcher Peter Van Eeckhoutte discovered the IE 8 security vulnerability.

In keeping with its policy, ZDI waited some six months after informing Microsoft of the defect before publishing details of the security flaw, ostensibly to give the vendor enough time to patch it. ZDI said it informed Microsoft May 8 that it planned to release details of the security flaw May 21. According to ZDI, the defect first was disclosed to Microsoft Oct. 11, 2013.

  Microsoft Urges IE 8 Users to Upgrade to Avoid New Security Flaw