Security 10816 Published by

Threatpost posted a story that Microsoft is expected to released a patch for the Pwn2Own IE vulnerabilities on Tuesday



"Even with their new, more aggressive IE patch cadence they’re still behind other browsers that don’t stick to a monthly patch schedule,” said Andrew Storms, director of security operations at security company nCircle. “This probably isn’t a huge problem for enterprise security teams because the bug hasn’t been publicly released.”

IE has been a vehicle for many noteworthy attacks this year, including a series of watering hole attacks against human rights and political organizations that exploited zero-day vulnerabilities in IE. Those vulnerabilities were patched in an out-of-band security update.
  Microsoft Expected to Patch Pwn2Own IE Vulnerabilities