Emergency IE Patch Coming on January 21

Author: Ryan Naraine
minute read

This is just a quick heads-up that the emergency security patch for Microsoft’s Internet Explorer will be released tomorrow (January 21, 2009).The update, rated critical for all versions of IE, will cover a remote code execution flaw that has already been used in targeted attacks against U.S. companies, including Google and Adobe.

This is just a quick heads-up that the emergency security patch for Microsoft’s Internet Explorer will be released tomorrow (January 21, 2009).

The update, rated critical for all versions of IE, will cover a remote code execution flaw that has already been used in targeted attacks against U.S. companies, including Google and Adobe.

According to Microsoft’s advance notice, the IE patch affects all supported versions of Windows — from Windows 2000 SP4 through to the newerst Windows 7.

The out-of-band update will follow the public release of exploit code into the Metasploit attack tool.

See this story for more information on the vulnerability and attacks.

Suggested articles

Discussion

  • Anonymous on

    Please make IE 6 (which is absolutely terrific - because I hate for many reasons the IE7 which is extrememly complicated - so many tabs, subtabs, clicking-on-tos, etc.)  but the IE6 needs far more anti-virus blocks, and firewalls, etcs.  built into the system. The IE 6 is vulnerable and it is a shame MC hasn't done anything to fortify that wonderful system.

    I hope you understand.

    Thanks,

                                                                  Jim

     

     

  • Anonymous on

    you got the year wrong it is 2010 now lol its cool

     

    eric

  • EJ on

    Patch is out now, just picked it up @ 2PM EST.

  • Anonymous on

    i know im command and control for botnet, but 1 weird thing i need to know if its normal or structured intently by the hacker is that i have a new update from ie8 that keeps coming up, i download it, then it says that the one i have is a higher version than the ie8 downloaded.  any ideas on what would cause that such as:  can it be some type of 32bit/64bit confusion or what.  it wont let me update the new ie8 assuming that this one is real.   past experiences showed me that even the update popups are used by the hacker and botnet...

     

    thanks in advanced.

     

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.

Subscribe now

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.