Posted on 12/17/2008 10:38:22 AM PST by Red Badger
Microsoft Corp. is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.
The "zero-day" vulnerability, which came to light last week, allows criminals to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw in Internet Explorer's programming code so dangerous. Internet Explorer is the world's most widely used Web browser.
Sponsored Links (Ads by Google)
Security for Your PC PC Magazine Editor's Choice Winner Best Anti-Spyware. Secure Your PC! www.pctools.com
Secure your branch IT Manage secure remote hardware from a centralized location www.Avocent.com/branch
SCADA Security Course Hands on SCADA security course learn to assess and secure InfoSecInstitute.com/SCADA_sec Microsoft said it plans to ship a security update, rated "critical," for the browser on Wednesday. People with the Windows Update feature activated on their computers will get the patch automatically.
Thousands of Web sites already have been compromised by criminals looking to exploit the flaw. The bad guys have loaded malicious code onto those sites that automatically infect visitors' machines if they're using Internet Explorer and haven't employed a complicated series of workarounds that Microsoft has suggested.
Microsoft said it has seen attacks targeting the flaw only in Internet Explorer 7, the most widely used version, but has cautioned that all other current editions of the browser are vulnerable.
Microsoft rarely issues security fixes for its software outside of its regular monthly updates. The company last did it in October, and a year and half before that.
---
On the Net:
Microsoft's security advisory:
http://www.microsoft.com/technet/security/advisory/961051.mspx
I’m quite fondue Swiss Cheese............
I like firefox but I like safari much better, am enjoying it.
“I don’t use IE7 — still use IE6. I wonder if the patch is applicable or needed for IE6? Anyone know?”
I think that they said that all are vulnerable, I already downloaded the patch so I switched back to IE from firefox.
I've been using this because I don't have admin rights on my laptop. Works pretty well.
I use Chrome on my Windows box, hopefully they’ll have a Linux version soon.
..........
That would be cool. Is Linux more secure than Windoze?
I think Microsoft is the flaw. Always has been ... always will be.
LOL
So far I’d have to say yes. But it could just be that Windows is just targeted more. If Linux had a larger market share, would hackers start turning their attention more to Linux attacks, I don’t know.
I didn’t realize people still used IE. Everyone I know uses Firefox.
Only liberals use IE..........
I had a whole bunch of problems going from FF 3.0.3 to 3.0.4. Lost my bookmarks, history, etc. Streaming radio stations don’t work anymore. I had problems with T-Bird, too. Don’t know how T-Bird and FF3 are connected is beyond me. It all happened immediately after the upgrade.
I think Microsoft is the flaw. Always has been ... always will be.
There's a clue in there somewhere.............
Easy fix...Lose the IE 
and get Firefox!
Coincidence?............
I agree. Once all the kids are out of school (since the schools have both the hype of Microsoft) ... I’m moving to Linux.
ping for pretty soon!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.