The Register: Microsoft has decided not to fix an IE 8 zero-day first identified seven months ago, instead telling users to harden up their browsers.
The vulnerability allowed attackers to execute arbitrary code on computers running the older Internet Explorer version 8 through drive-by and phishing attacks.