Patch Tuesday doesn’t comprise security update to resolve Pwn2Own vulnerabilities

Apr 10, 2013 07:17 GMT  ·  By

Microsoft has rolled out several security updates for Internet Explorer on April’s Patch Tuesday, but the company has reportedly skipped critical fixes to address the vulnerabilities discovered during the Pwn2Own hacking marathon.

Internet Explorer got hacked during the first day of the event, so Microsoft was expected to patch the flaws on Patch Tuesday, especially because both Mozilla and Google have already fixed similar issues in Firefox and Chrome.

Microsoft told ThreatPost that it takes a while to patch these flaws, but users have nothing to worry about, as no successful attacks have been reported so far.

“Microsoft works with the security community to protect our customers against all threats and we are investigating possible issues identified by researchers during the Pwn2Own competition. We are not aware of any attacks and the issues should not affect our customers, as Pwn2Own organizers do not publicly disclose the competition’s findings,” said Dustin Childs, group manager, Microsoft Trustworthy Computing.