Microsoft issues emergency patch for IE vulnerability
This is a public service announcement for all those poor unfortunate souls still using Internet Explorer.
Stop it. Now. Get Firefox or buy a Mac. Microsoft will issue an emergency patch later today to quash a critical bug in Internet Explorer (IE) that attackers have been exploiting for more than a week, the company announced on Tuesday.
The advance warning came less than a week after Microsoft acknowledged that exploit code had gone public and was being used by hackers to hijack Windows PCs running IE. Microsoft will deliver the out-of-cycle patch on Wednesday at 1 p.m. EST via its normal update mechanisms, including Windows Update, Microsoft Update and Windows Server Update Services (WSUS). Initially, Microsoft and other security companies believed that only IE7 was vulnerable to attack, but on review, the company confirmed that all versions of its browser, including IE5.01, IE6 and IE8 Beta 2, contain the bug. So even the much vaunted IE8 is crap.
And Microsoft have today acknowledged that attacks can be launched through Outlook Express because Outlook Express renders HTML-based messages using IE's engine. Attackers could exploit the bug by getting users to open or view malicious messages.
Come on people stop reading emails in HTML. Switch to plain text, you know it makes sense.
According to Tuesday's advance notification, Microsoft will provide patches to users of Windows 2000, XP, Vista, Server 2003 and Server 2008 for IE5.01, IE6 and IE7.
A separate patch will apparently be issued tomorrow for IE8 Beta 2, a preview version of Microsoft's next browser that is not officially on the support list.
--
Moving to Dubai? Get a quote for your overseas move to Dubai from anywhere in the world.
http://www.overseasmovingsolutions.com/moving-to-dubai.html
Stop it. Now. Get Firefox or buy a Mac. Microsoft will issue an emergency patch later today to quash a critical bug in Internet Explorer (IE) that attackers have been exploiting for more than a week, the company announced on Tuesday.
The advance warning came less than a week after Microsoft acknowledged that exploit code had gone public and was being used by hackers to hijack Windows PCs running IE. Microsoft will deliver the out-of-cycle patch on Wednesday at 1 p.m. EST via its normal update mechanisms, including Windows Update, Microsoft Update and Windows Server Update Services (WSUS). Initially, Microsoft and other security companies believed that only IE7 was vulnerable to attack, but on review, the company confirmed that all versions of its browser, including IE5.01, IE6 and IE8 Beta 2, contain the bug. So even the much vaunted IE8 is crap.
And Microsoft have today acknowledged that attacks can be launched through Outlook Express because Outlook Express renders HTML-based messages using IE's engine. Attackers could exploit the bug by getting users to open or view malicious messages.
Come on people stop reading emails in HTML. Switch to plain text, you know it makes sense.
According to Tuesday's advance notification, Microsoft will provide patches to users of Windows 2000, XP, Vista, Server 2003 and Server 2008 for IE5.01, IE6 and IE7.
A separate patch will apparently be issued tomorrow for IE8 Beta 2, a preview version of Microsoft's next browser that is not officially on the support list.
--
Moving to Dubai? Get a quote for your overseas move to Dubai from anywhere in the world.
http://www.overseasmovingsolutions.com/moving-to-dubai.html