Microsoft Has Not Yet Fixed Internet Explorer Pwn2Own Flaws

Microsoft Has Not Yet Fixed Internet Explorer Pwn2Own Flaws

No sir, the flaws are still unpatched. But luckily everything is (relatively) under control, as the exploits were privately reported and have not made it out to the wild.

Regardless, many were expecting Microsoft to take care of these in April’s Patch Tuesday update that just went live late last night. But it seems that we may have to wait a little while longer.

Talking to ThreatPost, Dustin Childs, the group manager over at Microsoft Trustworthy Computing said:

“Microsoft works with the security community to protect our customers against all threats and we are investigating possible issues identified by researchers during the Pwn2Own competition. We are not aware of any attacks and the issues should not affect our customers, as Pwn2Own organizers do not publicly disclose the competition’s findings.”

So essentially, according to the software titan it takes a fair while to patch these flaws, end users have nothing to worry about as nothing sinister has happened — meaning, no successful attacks have been reported so far.

And one of the reasons for that is because both Mozilla and Google have already fixed similar issues in Firefox and Chrome respectively.

Internet Explorer, as you may recall was hacked during the first day of the recently concluded Pwn2Own competition. The exploits were immediately reported to Microsoft, and the software titan promised to address the vulnerabilities discovered during the hacking marathon.