Sunday, February 21, 2010

Microsoft to issue patch for IE flaw

Bangalore: Microsoft is planning to issue an out-of-cycle patch for the Internet Explorer flaw thought to have been central to the cyber attacks against Google and other companies. The company announced that given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves, and the escalating threat environment, it will release a security update out-of-band for this vulnerability, reports CNET News. 


Although Microsoft didn't reveal as to when exactly it would release the patch, it promised to give out more details on Wednesday. Normally, Microsoft releases patches for its software on Patch Tuesday, as it has come to be known, so that corporations that use Microsoft products will know what's coming and can plan accordingly. But every now and then it also breaks with that pattern upon the discovery of an important flaw or vulnerability that requires a fast fix, since Patch Tuesday only comes once a month. The next Patch Tuesday is scheduled for February 9.

The vulnerability at issue in the cyber attacks that have prompted a showdown between Google and China affects versions 6, 7, and 8 of Internet Explorer, although Microsoft said that attacks have only been successful on systems running IE 6. The company advised IE users to upgrade to Internet Explorer 8 to protect themselves against attacks. The news comes after researchers from Vupen Security reported that technology designed to mitigate attacks in newer versions of IE can be bypassed.

No comments:

Post a Comment