Friday, February 5, 2010

Microsoft on IE8 Exploit: 'There Is No Patch', And there never will be.

Microsoft's security advisory 3 February 2010 revealed their investigation of a 'reported vulnerability' in IE affecting 'customers running Windows XP or who have disabled Internet Explorer Protected Mode'. They advise they can partially mitigate the threat by isolating IE.

The very fact that resident malware can still 'destroy data on the user's machine' means you as a Windows user have no protection at all. As soon as the black hats uncover another hole in the web periphery, the story will repeat itself.

The very fact Microsoft are attempting to 'isolate' their web interface is a tacit admission the system itself is defenceless. Take a deep breath now while you can. The next attack is right around the corner.

And you have to abandon IE, no matter the version or the version of your 'OS'. There is no patch.

Read the full story at Rixstep

No comments: