Microsoft releases emergency patch for critical IE flaw

December 19, 2008 — 3:05am ET | By Paul Mah

Tools

Tags
security patches
Paul Henry
Microsoft
Lumension Security
Microsoft Internet Explorer
Hacking

Microsoft released an emergency patch yesterday that fixes a critical hole in its flagship Internet Explorer web browser. Despite a dip in market share recently, Internet Explorer is still the clear leader in the web browser market. As such, security analysts are breathing a sigh of relief. They hope this patch will counter the increase in attacks that leverage this serious vulnerability via hacked websites.

Paul Henry, a forensic analyst at Lumension Security, noted that this is the second time in 18 months that Microsoft has released an emergency patch. In a statement, Henry wrote, "There were over 100 websites on the 11th hosting some type of malware associated with this vulnerability. Today, that has grown to thousands of sites now hosting the malware." This shows that the concept code to exploit this particular flaw has been spotted since the December 11. IT professionals are urged to patch this as soon as possible. Meanwhile, the next version of Internet Explorer--IE 8--is expected to be out in the first quarter of 2009.

For more on this story:
- check out this article at TG Daily

SHARE WITH: