Operation Aurora: Microsoft knew about Internet Explorer flaw for four months


On Thursday there were sighs of relief from all corners as Microsoft released a security patch for a vulnerability that had been exploited by hackers.

The patch fixed a critical zero-day vulnerability in versions of Internet Explorer that would have meant visiting a boobytrapped webpage could have infected your computer, opening a backdoor for remote hackers.

Nasty stuff, especially as it was being alleged that the security hole had been exploited by Chinese hackers who broke into the likes of Google and Adobe in an attack dubbed “Operation Aurora”.

Interestingly, details are now emerging that Microsoft was first told about the security hole early last September – a full four months before it hit the world’s headlines.

Read more in my article at Naked Security.

Tags: , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

Comments are closed.