Microsoft takes urgent step to patch stubborn Internet Explorer flaw

Fixing the problem can't wait until next month's patch Tuesday

Look today for a Microsoft patch that repairs a vulnerability in old versions of Internet Explorer that have been exploited in the wild and that persisted despite a Fix It tool issued last month.

The flaw affects IE 6, 7, and 8 and makes it possible for attackers to execute malicious code and take control of target machines by exploiting the flaw from tainted Web sites. Exploits were posted online and used on thousands of sites.

BACKGROUND: Patch Tuesday fails to address Internet Explorer zero-day exploit 

MORE: 11 (FREE!) Microsoft tools to make life easier 

Microsoft had said the surest way to avoid the problem was to upgrade to a later version of IE but many couldn't.

Microsoft took steps to block the attacks with a temporary solution that was hacked within days, prompting Microsoft now to step outside its normal security bulleting schedule of releasing patches on the first Tuesday of each month.

A Webcast today at 4 p.m. Eastern time will feature Microsoft experts who will answer customers' questions about the patch.

(Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at tgreene@nww.com and follow him on Twitter https://twitter.com/#!/Tim_Greene.)

Insider Shootout: Best security tools for small business
Join the discussion
Be the first to comment on this article. Our Commenting Policies