facebook rss twitter

Microsoft patches critical Internet Explorer hole

by Parm Mann on 22 January 2010, 10:17

Tags: Internet Explorer, Microsoft (NASDAQ:MSFT)

Quick Link: HEXUS.net/qavq7

Add to My Vault: x

Software giant Microsoft has issued an out-of-band security update to patch a highly-publicised security hole in its Internet Explorer browser.

The flaw, affecting multiple versions of IE, was recently used in a major cyber attack on Google, in which hackers accessed the Gmail accounts of Chinese civil rights activists. Following the attack, Google threatened to withdraw from the Chinese market, and European governments - including France and Germany - have publicly advised their citizens to avoid using Microsoft's browser.

Widespread media attention has resulted in Microsoft issuing an out-of-band update that "addresses several vulnerabilities," some of which "could allow remote code execution if a user views a specially crafted Web page using Internet Explorer".

"We’ve released this Cumulative Security Update earlier than originally scheduled based on malicious activities reported on the web," said the company in a statement, prior to admitting that it knew about the security hole "since early September" 2009 and wasn't scheduled to issue a fix until February 2010.

The bad publicity comes in a week in which rival browsers - including Opera, Google's Chrome and Mozilla's Firefox - have all announced new reasons for users to switch.

Microsoft's IE security update (MS10-002) is available via Windows Update for Internet Explorer versions 5.01, 6, 7, and 8.



HEXUS Forums :: 26 Comments

Login with Forum Account

Don't have an account? Register today!
Widespread media attention has resulted in Microsoft issuing an out-of-band update that “addresses several vulnerabilities,” some of which "could allow remote code execution if a user views a specially crafted Web page using Internet Explorer".
Why does that phrase always put me in mind of a group of dwarves, gathered round a monitor, delicately putting finishing touches to their masterpiece and giggling evilly…? ;)
Saw the update this morning and inatalled it. TBH it was blown waaaaay out of proportion. I still use IE8
There is something to be said for making it harder for “semi-targeted” or demographically targeted attacks by having a mix of software. A homogeneous environment is much easier to be naughty in.

Still I wouldn't go as far as encouraging someone to change their browser thou.
Temi_D
Saw the update this morning and inatalled it. TBH it was blown waaaaay out of proportion. I still use IE8
What he said.
Surely everyone should just switch to Firefox.

I think it's much better and there aren't as many problems as with IE (though if there are, maybe they're just not as widely reported)