Microsoft has not patched security issues in IE8 for 7 months

According to security company Zero Day Initiative, Internet Explorer 8 browser has appeared a security hole for more than half a year, but Microsoft almost never bothered to fix this error.

Zero Day Initiative (ZDI) said the aforementioned vulnerability has existed since October 2013. Hackers will take advantage of this vulnerability by creating a website containing malicious code. When IE 8 users access this website, the malicious code is activated will help hackers " sneak " into the computer and steal information.

Microsoft has been notified of this vulnerability since October last year so far the company hasn't released a patch yet. Maybe Internet Explorer 8 is the last browser to support Windows XP operating system, Windows XP has also been "deadly" by Microsoft so the software giant has not bothered to look at the safety of IE 8 users. But there may also be another reason, that is that the vulnerability is so hard to cure!

According to ZDI's policy, if a software vulnerability is not patched after 6 months, the company will make it public. And they did this on May 22. However, ZDI said it has not detected any signs of hackers exploiting the flaw. This means that the vulnerability has expanded over the past 6 months but no bad guys have tried to take advantage of it.

This is not the only vulnerability in IE that has been discovered since Microsoft stopped supporting Windows XP. On April 26, security firm FireEye discovered the vulnerability was in all versions of IE, from IE 6 to IE 11. And Microsoft released the patch five days later.