James Delahunty
22 Jan 2010 17:38
Microsoft released a patch for its Internet Explorer browser yesterday, aimed at protecting users of the software from vulnerabilities that were exploited in the recent Google China hack. The company claimed that hackers had targeted Google and at least 20 other companies in China by exploiting the browser weakness, and said the patch should be considered critical and applied as soon as possible.
Symantec Corp. warned that others have now begun to exploit the flaw too, with at least 100 websites being discovered that use the IE weakness. The real threat from the flaw is that it can lead to virus infections without the user having to download and run any file, which is usually the case. The patch address eight vulnerabilities in the Internet Explorer browser.
The websites discovered by Symantec successfully attack Internet Explorer 6 only, but the security firm warns that attackers could target Internet Explorer 7 and 8 as well. The patch will be delivered to most users via Automatic Updates, but can be manually applied through Microsoft's Windows Update site too (you need to be running Internet Explorer).