Microsoft Says Upgrade To IE8, Even Though It's Vulnerable

Barence writes "Microsoft has issued a statement urging people to upgrade their browser to IE8, after the zero-day exploit that was used to attack companies such as Google went public. According to Microsoft's security advisory: 'the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.' But, although IE6 has been the source of the attacks until now, Microsoft's advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7."

Marketing must be pleased

[webdog314]

Software Engineer: "It's a complete mess... The vulnerability is present in IE6, 7, and 8 and it won't be an easy fix."

Marketing Shill: "Excellent! Now they've no reason not to upgrade to IE8. Get out a Security Advisory at once!"

Re:well done Google

[ElSupreme]

Yeah use our cool browser that reports almost all of you browsing back to us. We won't be evil, we promise!