With reports of severe security vulnerabilities in Microsoft’s Internet Explorer (IE) still floating around on the blogosphere, a recent revelation by the US-based security firm has worsened the situation for the troubled web browser.
Core Security Technologies, a Boston-based security firm, disclosed fresh security vulnerabilities in the browser over the last weekend, just a day after the software giant released an out-of-cycle security patch to safeguard IE users from being targeted by hackers.
Just around a couple of weeks back, Microsoft had admitted that its browser was in fact a vulnerable link in the large-scale attack against networks of some of the big companies, including Google.
Core Technologies claimed to have unravelled new security holes that could enable hackers to exploit victim’s computer resources by performing remote code execution on the targeted machines.
This time, however, Microsoft is taking these claims very seriously, and has subsequently launched an internal inquiry.
Depicting the same, a Microsoft spokesperson said: “Microsoft is investigating a responsibly disclosed vulnerability in Internet Explorer. We’re currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe customers are at reduced risk due to responsible disclosure.”
Furthermore, the software maker didn’t discard the possibility of releasing yet another out-of-cycle security patch once they are done with the investigation.
Microsoft is doing a substantial amount of firefighting here which might not be as helpful as one might expect, more specifically, it has and will take significant resources from other priority projects that Microsoft is currently undertaking. Security is paramount though but let's hope that it doesn't become a significant distraction.