Microsoft won't fix Internet Explorer zero-day

iTnews (AUS) ^ | Jun 24, 2015 9:27 AM (AUS) | Allie Coyne, Juha Saarinen

[Utilizer]

HP researchers have published details and proof-of-concept exploit code for a number of zero-day vulnerabilities in Microsoft's Internet Explorer web browser which allow attackers to bypass a key exploit mitigation.

The researchers - part of HP's zero-day initiative team - have a policy to only disclose details of bugs reported to vendors after patches are issued.

But the team decided to go public after being informed by Microsoft that it did not intend to fix the bugs as the company feels the vulnerabilities don't affect enough users.

The flaws were serious enough, however, for Microsoft to earlier award the HP team a US$125,000 bug bounty.

[Utilizer]

MS Explorer. Why am I not surprised. Still, some people insist on using it. Then again, some people prefer to use Outlook and Outlook Express despite its history of continually being hacked into.

[UB355]

One problem with a zero day virus is that because it is not previously documented, it does not have a signature. Signatures involve reviewing the method and coding of a virus to anticipate and protect systems against the virus.

[jy8z]

Someone please remind me what Internet Explorer is again.

[867V309]

Then again, some people prefer to use Outlook and Outlook Express despite its history of continually being hacked into.

Well, if you convert all emails to plain text (no HTML), and only open attachments that you know are safe, I don't see how Outlook can be "hacked." Those are just common sense precautions.

[doc1019]

Yep, it is still on my ‘puter because every time I try to rid my system of this abomination it screws up everything Microsoft on my system. Haven’t used it in years.

[nickcarraway]

They haven’t fixed it in 20 years. Why start now?

[Utilizer]

Note too that ms was uninterested because it did not affect “enough users”. How bloody considerate.

[Utilizer]

The ms Write of the browsing world. Somewhat like how mac “computers” are the Atari 2600 of the computing world. *ducks* :p

[Utilizer]

Outlook HAS been hacked. Repeatedly. I should know; I had to help uncounted users that had to deal with it for over a decade now.

[Utilizer]

Idunno. To break from habit, perhaps?

[Utilizer]

Oh, and don’t forget HotMail hacks as well.

[867V309]

Outlook HAS been hacked. Repeatedly. I should know; I had to help uncounted users that had to deal with it for over a decade now.

I doubt they took the precautions.

[867V309]

Oh, and don’t forget HotMail hacks as well.

What's HotMail got to do with anything?

[TChad]

However, the security researchers were told by Microsoft that as the flaws didn't affect 64-bit systems, they would not be patched.

Microsoft to its 32-bit Windows users: Drop dead!

[plain talk]

I have been using outlook forever and have never been “hacked into it” I no longer use MS explorer but it is not out of fear of being hacked into. I quit using it because it doesn’t always work. Firefox seems to work well for me.

[Swordmaker]

Microsoft is not going to fix a zero day issue in Internet Explorer. . . for your ping list

[867V309]

I have been using outlook forever and have never been “hacked into it”

Me too. It ain't rocket science.

Firefox and NoScript are the bomb.

[Swordmaker]

Someone please remind me what Internet Explorer is again.

It's a problem masquerading as a browser. . .

[867V309]

Outlook HAS been hacked. Repeatedly. I should know; I had to help uncounted users that had to deal with it for over a decade now.

I think you're confused thinking Outlook was hacked when, in fact, the users computer was hacked, maybe from a careless email-email attachment download. This is user error, not an Outlook problem.

[qam1]

Someone please remind me what Internet Explorer is again.

It's the browser you use to download another browser