New un-patched IE flaw found a day after latest hotfix

A security research firm said it discovered another set of vulnerabilities in Internet Explorer, a day after Microsoft Corp patched the Web browser following a high-profile cyber attack on Google in China. The new attack uses smaller un-patched vulnerabilities in Internet Explorer, small enough they couldn't compromise a system, but together they can overwhelm Internet Explorer and give access to a users machine if the individual clicks on a malicious link. Jorge Luis Alvarez Medina said to Reuters, "There are three or four ways to conduct this type of attack." Alvarez Medina is a security consultant with Boston-based Core who have been researching Internet Explorer weaknesses. The smaller exploits triggers four or five minor exploits at the same time, by three or four different methods to trigger the attack. Alvarez Medina said that the attack uses a string of four or five minor exploits in Internet Explorer. The vulnerability will be demonstrated at the yearly Black Hat Security conference, which will take place on February 2, 2010.