Palo Alto Networks Researcher Discovers Critical IE Vulnerability


PANW-New-Logo-3

Palo Alto Networks researcher Hui Gao was credited with discovery of a new critical Internet Explorer (IE) vulnerability affecting IE versions 6, 7, 8, 9, 10 and 11. CVE-2015-2548 is included in Microsoft’s October 2015 Security Bulletin and documented in Microsoft Security Bulletin MS15-109.

In our continuing commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program (MAPP) program, which ensures the timely, responsible disclosure of new vulnerabilities and creation of protections from security vendors. (As of this writing, Microsoft researcher Bo Qu was also credited with critical IE vulnerability discoveries in August and July, acknowledged in revisions to Microsoft Security Bulletins MS15-065 and MS15-079.)

Palo Alto Networks is a regular contributor to vulnerability research. Previous critical IE vulnerability discoveries from the past 18 months included three in September, one in Augustthree in July (revised from two), three in Junethree in Mayone in Marchfive in February (revised from three), three in November 2014one in October 201415 in September 2014three in August 201410 in July 2014, and 22 in June 2014 (revised from 21).

By proactively identifying these vulnerabilities, developing protections for our customers, and sharing them with Microsoft for patching, we are removing weapons used by attackers to compromise enterprise, government and service provider networks.

[Palo Alto Networks Blog]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.