NZ ICT company uncovers Microsoft browser vulnerabilities

Wellington-based ICT security company, — owned by Dimension Data — says it uncovered vulnerabilities in the Microsoft Edge and Internet Explorer browsers for which Microsoft issued patches in May.

It said the vulnerabilities would enable attackers to obtain sensitive information and potentially run malicious code on victim machines.

The company said the vulnerabilities were discovered by its principal consultant Scott Bell, who had reported numerous vulnerabilities to Microsoft in the past.

Bell said: “ follows responsible disclosure guidelines. This means alerting the vendor to the vulnerabilities immediately and not releasing information about the vulnerabilities until they are fixed to prevent malicious actors from actively exploiting the vulnerabilities.” says it was the first ethical hacking security company set up in New Zealand and claims to have developed its own in-house, proprietary methodologies to discover vulnerabilities.

Microsoft’s acknowledgements web site — which has not been updated since March — lists the most recent vulnerabilities uncovered by Bell as being in March. It applies to Microsoft Edge only and is described as critical “The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge,” Microsoft said.

“An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags disclosureMicrosoftcybercrimeVulnerabilitiescyber attacksInternet Explorermalicious softwareremote accessdimension datamalicious codesecurity-assessment.comMicrosoft Edgeremote code

More about Dimension DataMicrosoft

Show Comments