VUPEN waited for Pwn2Own cash while IE's sandbox leaked
By Darren Pauli, 24 Jul 2014Security outlet VUPEN has revealed it held onto a critical Internet Explorer vulnerability for three years before disclosing it at the March Pwn2Own hacker competition.
The company wrote in a disclosure last week it discovered the vulnerability (CVE-2014-2777) on 12 February 2011 which was patched by Microsoft on 17 June (MS14-035).
Full Article
This vulerblity was patched in Junes Updates schedule Microsoft Security Bulletin Minor Revisions Issued: June 17, 2014