Elite hacker gang pulls out another IE zero-day from its bottomless pocket of unpatched vulnerabilities, says Symantec, which links latest bug to 'Elderwood' group it profiled last September. Microsoft doesn't seem to be in any hurry to patch IE, either ... but that could change if (or as) attacks climb in number. Attack code has been public on Metasploit since 12/29, and Exodus Intelligence says it has figured out a way to sidestep Microsoft's 'Fixit' workaround defense.
one plus one
Shared publicly•View activity