Linked by Thom Holwerda on Wed 20th Jan 2010 22:41 UTC
Internet Explorer Well, that was quick. Microsoft said yesterday it would release an out-of-band security update to fix the vulnerability found in Internet Explorer which was used during the Google attacks. Today it announced the fix will be released tomorrow.
Thread beginning with comment 405209
To read all comments associated with this story, please click here.
Not only IE6
by lemur2 on Thu 21st Jan 2010 00:10 UTC
lemur2
Member since:
2007-02-17

FTA:

Even though the actual exploit currently out there (the one used in the Google attack) only affects Windows XP running Internet Explorer 6, Microsoft still rates this vulnerability as "Critical", meaning the company takes it quite seriously.


Thom, are you aware that some security experts have come up with exploit code against this vulnerability that they claim works on IE7 and IE8 running on Vista or Windows 7?

It is just that these more advanced exploits weren't seen in the wild or used by attackers.

Microsoft are entirely correct to take this seriously.

Reply Score: 4