Today's Hard|Forum Post
Today's Hard|Forum Post

Monday September 24, 2012

Microsoft Knew of IE Zero-Day for Weeks Before Patching

Many were wondering how and why Microsoft moved with such an unusual speed in plugging the hole and formulating a fix for the IE Zero-Day flaw last week. The answer is simple: The flaw had been reported much earlier and had not been acted upon.

Microsoft knew of the IE zero-day for more than seven weeks before Eric Romang, the researcher who announced finding an exploit on a hacker-controlled server, disclosed his discovery Sept. 15.