As mentioned by RonH in Newly discovered critical security hole in IE, a security problem has been found that affects Internet Explorer 6, 7, 8 and 9. Internet Explorer 10 (for Windows 8) is not affected. See Microsoft Security Advisory (2757760) - Vulnerability in Internet Explorer Could Allow Remote Code Execution.
It hasn't been used "in the wild" yet, so there is no reason to panic, but it is wise to be very careful until Microsoft releases a patch:
- Make sure that your security software is active and up-to-date.
- As always, don't open attachments or follow links in e-mails if you aren't sure they're safe.
- If you use social media such as Facebook, don't follow links if you aren't sure they're safe.
- Don't visit doubtful websites.
You may consider using another browser, such as Google Chrome, Mozilla Firefox or Opera in the meantime.
Security problem in IE6 - IE9
-
- Administrator
- Posts: 78493
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Security problem in IE6 - IE9
Best wishes,
Hans
Hans
-
- GoldLounger
- Posts: 3081
- Joined: 24 Jan 2010, 19:07
Re: Security problem in IE6 - IE9
There are reports that it had been used in the wild before it was published. Perhaps you are referring to Microsoft's comment, that they are aware of "targeted attacks". But I definitely agree with you, that it is wise to be very careful. It's now part of "attack tools".
As for the vulnerability, and Microsoft, see also:
Additional information about Internet Explorer and Security Advisory 2757760 (18 Sep)
And then from the MSRC blog:
Internet Explorer Fix it available now; Security Update scheduled for Friday
As for the vulnerability, and Microsoft, see also:
Additional information about Internet Explorer and Security Advisory 2757760 (18 Sep)
And they did; the next day, 19 Sep, the advisory was updated.We will release a Fix it in the next few days to address an issue in Internet Explorer, as outlined in the Security Advisory 2757760 that we released yesterday.
And then from the MSRC blog:
Internet Explorer Fix it available now; Security Update scheduled for Friday
So, there will be an "out of band" (or perhaps "out of phase" ) cumulative update for IE, MS12-063, on Friday.Then, on this Friday, Sept. 21, we will release a cumulative update for Internet Explorer through Windows Update and our other standard distribution channels. We recommend that you install this update as soon as it is available. If you have automatic updates enabled on our PC, you won’t need to take any action – it will automatically be updated on your machine. This will not only reinforce the issue that the Fix It addressed, but cover other issues as well.
Byelingual When you speak two languages but start losing vocabulary in both of them.
-
- Administrator
- Posts: 78493
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands