IE8 Already in Need of a Security Patch

[ganeshbala]

IE8 Already in Need of a Security Patch

Microsoft confirmed it is looking into a potentially dangerous security hole in newly shipped Internet Explorer 8, but played down as speculation that the shipping version of IE8 is at serious risk of attack.

In fact, the potential exploit, according to a posting on Microsoft's Security, Research, and Defense blog, is prevented from working in the final release version of IE8, which Microsoft opened for public download last Thursday.

Researchers uncovered the sophisticated method for breaking into IE last week during the annual CanSecWest security conference in Vancouver, British Columbia. During the conference's PWN2OWN vulnerability-seeking contest, participants succeeded in compromising IE8 and other leading browsers.

"Microsoft is investigating reports of a possible vulnerability in Internet Explorer 8," Microsoft's Christopher Budd, security response communications lead.

SOurce : internetnews.com