Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
An exploit for a new zero-day bug in Internet Explorer appeared Thursday, causing security companies to ring alarms and Microsoft to issue a security advisory that promised it would patch the problem.
Just a day after anti-virus vendors warned of a new zero-day vulnerability in Internet Explorer – the second such alert since Friday -- companies including Symantec and Secunia boosted security levels as news of a public exploit spread.
Symantec issued warnings to customers of its DeepSight Threat Management System that an exploit had appeared for the just-announced CreateTextRange JavaScript bug. "The DeepSight team has successfully tested this exploit, and verified that it does in fact work as advertised against a fully patched Windows XP SP2 machine," the warning read.
Although the publicly-posted exploit only launches a copy of the Windows calculator, "replacing the shellcode in this exploit would be trivial even for an unskilled attacker," Symantec continued.
Danish vulnerability tracker Secunia, which Wednesday had tagged the bug as "highly critical," raised the bar to its highest-possible "extremely critical" rating.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
