This is just a quick heads-up that the emergency security patch for Microsoft’s Internet Explorer will be released tomorrow (January 21, 2009).

The update, rated critical for all versions of IE, will cover a remote code execution flaw that has already been used in targeted attacks against U.S. companies, including Google and Adobe.

According to Microsoft’s advance notice, the IE patch affects all supported versions of Windows — from Windows 2000 SP4 through to the newerst Windows 7.

The out-of-band update will follow the public release of exploit code into the Metasploit attack tool.

See this story for more information on the vulnerability and attacks.

Categories: Government, Malware, Vulnerabilities

Comments (4)

  1. Anonymous
    1

    Please make IE 6 (which is absolutely terrific – because I hate for many reasons the IE7 which is extrememly complicated – so many tabs, subtabs, clicking-on-tos, etc.)  but the IE6 needs far more anti-virus blocks, and firewalls, etcs.  built into the system. The IE 6 is vulnerable and it is a shame MC hasn’t done anything to fortify that wonderful system.

    I hope you understand.

    Thanks,

                                                                  Jim

     

     

  2. Anonymous
    4

    i know im command and control for botnet, but 1 weird thing i need to know if its normal or structured intently by the hacker is that i have a new update from ie8 that keeps coming up, i download it, then it says that the one i have is a higher version than the ie8 downloaded.  any ideas on what would cause that such as:  can it be some type of 32bit/64bit confusion or what.  it wont let me update the new ie8 assuming that this one is real.   past experiences showed me that even the update popups are used by the hacker and botnet…

     

    thanks in advanced.

     

     

Comments are closed.