Menu
Microsoft to release emergency Internet Explorer patch on Monday

Microsoft to release emergency Internet Explorer patch on Monday

The patch will fix a vulnerability in Internet Explorer 6, 7 and 8

Microsoft will release a patch on Monday for older versions of its Internet Explorer browser, deviating from its normal repair schedule due to the seriousness of the problem.

The vulnerability, which is present in IE 6, 7 and 8, is a memory corruption issue. It can be exploited by an attacker via a drive-by download, a term for loading a website with attack code that delivers malware to a victim's computer if the person merely visits the website.

Microsoft released a quick fix for the issue earlier this month, but did not have a more permanent patch ready when it released its monthly batch of patches last Tuesday. The company will occasionally release an emergency patch if the software vulnerability is considered a high risk.

"While we have still seen only a limited number of customers affected by the issue, the potential exists that more customers could be affected in the future," wrote Dustin Childs, group manager for the company's Trustworthy Computing Group, on a company blog on Sunday.

The patch, which will be released at 10 AM PST, will be distributed through Windows Update. Childs wrote users will not have to uninstall the quick fix before applying the patch, which will be installed automatically for those who have automatic updates enabled.

Security vendor Symantec credited a group called Elderwood as finding the IE vulnerability due to similarities in the attack code that uses the vulnerability with other attack code.

The Elderwood group has discovered as many as nine other vulnerabilities since 2009 and appears to favor targeting defense contractors, human rights groups, non-governmental organizations and IT service providers, according to a Symantec report issued in September.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags Microsoftsecuritypatch managementExploits / vulnerabilitiesdata protectionmalware

Slideshows

IN PICTURES: Mitel A/NZ Channel event Sydney (+23 photos)

IN PICTURES: Mitel A/NZ Channel event Sydney (+23 photos)

Unified communications company, Mitel, invited its top 30 partners in A/NZ to the Intercontinental Hotel in Sydney’s Double Bay. This is the first time the broader A/NZ Mitel channel community have been together since the company re-branding back in October 2014, post Aastra acquisition. ARN received an invite to join attendees for drinks and canapés on the hotel rooftop as Mitel and its partners toasted their recent success.

IN PICTURES: Mitel A/NZ Channel event Sydney (+23 photos)
IN PICTURES: ARN Emerging Leaders Think Tank, Sydney (+40 photos)

IN PICTURES: ARN Emerging Leaders Think Tank, Sydney (+40 photos)

Twenty-one industry leaders came together with ARN staff for an Emerging Leaders Think Tank, held at The Bottle Shop in Sydney​. The aim of the planning session was to develop a compelling program for high potential leaders in the Australian ICT industry.​ Over two hours of strong debate a core line of thought evolved which will form the basis of the Emerging Leaders Forum to be held on May 17 in Sydney. Photos by MARIA STEFINA.

IN PICTURES: ARN Emerging Leaders Think Tank, Sydney (+40 photos)

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments