Discovered by HP’s TippingPoint division, the bugs were originally reported to Microsoft six months ago, giving the software giant fair warning in fixing them before it made the flaws public. However all of them still exist to this day and though Microsoft initially asked for an extension on its grace period to fix the flaws, HP decided to waive that option and has unveiled the bugs for all to see.
Related: Microsoft to axe Internet Explorer
Each of the four exploits allow for the remote execution of code on a user’s smartphone, even if their version of Internet Explorer is fully patched and updated. They would need to visit specific sites with the browser to contract the malware, but once infected, clearing them out isn’t easy.
Microsoft has issued a statement on the matter, saying that it was “aware of the reports regarding Internet Explorer for Windows Phone. A number of factors would need to come into play, and no attacks have been reported. We continue to monitor the situation and will take appropriate steps to protect our customers.”
While some have questioned as to why the company hasn’t fixed up these problems, Ars suggests that it may be that Microsoft instead wanted to focus on fixing problems that arose from the Hacking Team revelations earlier this month. Though that doesn’t explain why it didn’t act months ago when the faults were originally raised.
Editors' Recommendations
- AMD still hasn’t made the big APU dream a reality
- Haptic feedback headphones are a great idea that still hasn’t been done right
- Amazon says TikTok hasn’t been banned from workers’ phones
