Microsoft: No Pwn2Own bug in IE9


If you recall, a few days ago at the Pwn2Own hacking event, Microsoft’s Internet Explorer 8 was hacked. Microsoft, today, said its Internet Explorer 9 does not contain the same bug which was exploited on Internet Explorer 8.

As ComputerWorld reports, while Internet Explorer 9 may not be at risk at this time, up to 99% of IE’s users are still at risk. In a response from Microsoft, it seems like the vulnerability was addressed in the RC and RTM versions of Internet Explorer 9. However, a patch for the exploit is under way for older editions of Internet Explorer.

Internet Explorer 9 Release Candidate was launched almost a month ago and plans are to release the final version to the web on Monday, March 14, at 9 a.m. Pacific Time.

Even though Microsoft said that the patch was in the works, they did not specify a time table for its release. Since the majority of Internet Explorer users use versions 6, 7, or 8, it will be interesting to see what gets patched first. We do not know what older versions of Internet Explorer will get patched first and how long until the patch becomes available. If Microsoft sticks to its typical Internet Explorer patch schedule (updated on even-numbered months), we might just see the patch on April the 12th.

Visit this link to read more about the Internet Explorer 8 exploit that started this all.