 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |
Microsoft Will Issue Out-of-Band Aurora Patch for IE 6
Microsoft will release a patch for Internet Explorer 6 on Thursday morning that addresses the so-called Aurora exploit used in the China-based cyberattacks against Google and other companies.
“Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves, and the escalating threat environment, Microsoft will release a security update out of band for this vulnerability,” Microsoft’s George Stathakopoulos said Wednesday.
“We take the decision to go out of band very seriously, given the impact to customers, but we believe releasing an out-of-band update is the right decision at this time,” he added. “We will provide the specific timing of the release tomorrow.”
Vulnerability Not Limited to IE 6
In an updated security advisory, Microsoft said IE 6, IE 7, and IE 8 running on Windows XP, Server 2003, Vista, Server 2008, Windows 7, and Server 2008 R2 are all vulnerable. IE 5.01 SP 4 on Windows 2000 SP 4 is not affected.
The company offered this technical explanation of the vulnerability: “It is possible under certain conditions for (an) invalid pointer (in the browser) to be accessed after an object is deleted. In a specially-crafted (sic) attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.”
Microsoft said the only attacks seen so far target IE 6. “We have not seen attacks against other versions of Internet Explorer,” the advisory said.
The software giant said it is “actively working” with partners in the Active Protection Program and Security Response Alliance to “provide information that they can use to provide broader protections to customers.” Microsoft and its partners will continue to “monitor the threat landscape and take action against malicious sites that attempt to exploit this vulnerability,” the company said.
Forceful Response
The good news is that attackers have to convince users…
source : www.newsfactor.com
Do your friends think you are stupid? Take the challenge and prove them wrong!
Beat your friends on IQ Challenge!
Take the 10-Minute IQ Challenge today. Prove to your friends that you aren't stupid after all!
Wal-Mart $1000 Gift Card in 5 min
$1000 Wal-Mart gift card with just a simple survey!
5min survey = $1000 Best Buy Card
Take a quick 5 min survey and get a chance for a $1000 Best Buy Gift Card!
Which AVATAR Character are You?!
Did you watch Avatar? Are you Jake, Neytiri, or the Colonel? Find out which Avatar Character you really are!
Related News:
- Yep, the iPad Will Be Delayed — But Only a Few Days
- Google Will Experiment with Ultrafast Internet Connections
- Verizon Will Offer Android-Powered Motorola Devour
- Mobile Apps Flood the Market: Will Hackers Notice?
- Google Will Continue To Oppose China Censorship
- Wyclef Jean Will Bring ‘Creole 101′ To His ‘Hope For Haiti’ Performance
- Ellen DeGeneres Will Be ‘The Bomb’ On ‘American Idol,’ Randy Jackson Says
- China: Google case will not affect trade with US (AFP)
- Universities Will Skip Kindle DX Until Blind Can Use It
- Netflix Will Stream Video Content To Wii Game Consoles
Details :
Submited at Wednesday, January 20th, 2010 at 8:00 pm on tech by jessica
Comment RSS 2.0 - leave a comment - trackback