The permanent patch is for an exploit known as CVE-2013-3893, which had the capability to work its way into all supported versions of Internet Explorer. Microsoft announced the existence of the vulnerability in September and released a downloadable "Fix It" tool until the permanent patch was ready.
"The most severe vulnerabilities could allow remote code execution if a customer views a specially crafted webpage using Internet Explorer," Microsoft'… Read more
Attack code that exploits an unpatched vulnerability found in all supported versions of Internet Explorer has been released into the wild. This means that cyberattacks could now surge and affect Internet Explorer users.
Known as CVE-2013-3893, the exploit was integrated Monday into Rapid7's open-source Metasploit penetration testing tool. By putting the exploit into Metasploit, the attack code was made accessible not only to security professionals but also cybercriminals, according to PCWorld.
"As long as cybercriminals get access to the exploit code made publicly available we will see instances of the exploit being use by regular cybercriminals and probably … Read more