MAJOR Internet explorer vulnerability

[Kevin]

Microsoft will push out an emergency security patch for Internet Explorer on Wednesday, addressing a critical security hole currently being exploited in the wild. Redmond issued advanced notice for tomorrow's fix, describing the out-of-cycle patch as protection from "remote code execution."

The latest zero-day vulnerability stems from data binding bugs that allows hackers access to a computer's memory space, allowing attackers to remotely execute malicious code as IE crashes, Microsoft has said.

Although the exploit was at first contained to warez and porn sites hosted on a variety of Chinese domains, the malicious JavaScript code has since spread to more trusted sites though SQL injection. The flaw is primarily being used to steal video game passwords at present, but could potentially be used to retrieve more critical sensitive data from users as well.

The vulnerability is specifically targeted at surfers running IE 7, but it's also known to affect versions 5, 6, and 8 of the browser as well. All IE users are advised to install the update.

Microsoft's emergency patch will become available Wednesday at 1 PM EST from auto-update and the Microsoft Download Center. A separate patch will be made available for those running IE8 Beta 2.

Stay tuned around the MS Download Center


For the minute, I advise you to use other browsers such as:
(1) Firefox
(2) Google Chrome
(3) Safari

[Samishlol]

Thanks for the update

[xBenxx]

Thanks for this. I hate IE anyway. Google chromz is really good.

[Axel]

Firefox ftw.

[Kevin]

Thanks for the update

Thanks for this. I hate IE anyway. Google chromz is really good.

No problem

[scottish]

ie fw..

[Implement]

This exploit is apparently being sold on the.. "underground" for $4000+

Some people have sad lives?

They've already patched it I think anyway, or should do in the next 24hours.

[Jordy]

You can now put your minds at rest, there was a important update released to Windows users at approximately 6PM GMT.