Tuesday, December 16, 2008

Microsoft Will Release Emergency IE Patch

Microsoft announced today that they will issue an emergency patch on Wednesday to deal with a critical bug in Internet Explorer (IE) that attackers have been exploiting for more than a week.

The patch will fix the much publicized zero-day exploit that was confirmed by Microsoft late last week. The exploit which originally was down played by Microsoft could potentially allow hackers to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw even more hazardous.

The Associated Press reports that thousands of web sites have already been compromised by criminals looking to exploit the flaw. The bad guys have loaded malicious code onto those sites that automatically infect visitors' machines if they're using Internet Explorer and haven't employed a complicated series of workarounds that Microsoft has suggested.

According to today's advance notification, Microsoft will deliver the out-of-cycle patch Wednesday at 1 p.m. EST via its normal update mechanisms, including Windows Update, Microsoft Update and Windows Server Update Services (WSUS).

No comments:

Post a Comment

All comments will be moderate for content, please be patient as your comment will appear as soon as it has been reviewed.

Thank you