Microsoft releases emergency patch to fix Internet Explorer
Another out-of-cycle patch is rushed out by Microsoft, but Firefox and Opera shouldn’t look so superior – they’ve got their own problems to contend with.
Microsoft will today release an emergency out-of-band patch which aims to fix a widely-reported vulnerability in virtually all versions of Internet Explorer.
Concern had reached fever-pitch as attacks on the browser escalated to take advantage of the flaw, which affected not only the current Internet Explorer 7, but IE 5.01 SP4, IE 6 SP1 and IE 8 Beta 2.
The critical out-of-band update follows the discovery of password-stealing Trojans on various sites centred in China. Hackers have exploited this by using SQL injection techniques, which create malicious links on legitimate websites.
The out-of-band update will be the second emergency patch released by Microsoft in the last few months. The first emergency patch was also marked as critical, and fixed a flaw which let an attacker take control of a target's computer.
A spokesperson at security firm McAfee said: "Microsoft has issued 77 Security Bulletins in 2008, compared with 69 bulletins in 2007 and 78 in 2006.
"The number of Security Bulletins isn't decreasing, indicating that security problems in Microsoft software aren't likely to become a thing of the past anytime soon."
However Internet Explorer isn't the only browser needing patching, as Mozilla also rolled out a final security fix for Firefox 2 as a new version of Firefox 3 which plugs three critical vulnerabilities and a number of other lower priority issues.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
Opera has also released a "recommended security upgrade" that fixes a number of security vulnerabilities, including some marked "extremely" and "highly severe".
The patch should be available after 6pm today.
-
ITPro is 20!We take a look back on the past two decades since ITPro launched...
-
Cyber experts issue alert after two ransomware groups team up on ‘unprecedented’ threat campaignNews The tie-up includes a new model of industrialized ransomware deployment that significantly lowers the barrier to entry for cyber crime
-
Apple is speeding up software patching due to AI security concerns – here’s what you need to knowNews Apple is speeding up its software patching processes amid rising concerns that AI is helping hackers to spot and exploit flaws at a far quicker pace.
-
Microsoft defends “negligent” security approach that prolonged vulnerability fix for five monthsNews The tech giant has refuted claims that its practices have left customers “in the dark”
-
Ubuntu shifts to four-week update cycleNews Critical fixes will also come every two weeks, mitigating the issues involved with releasing prompt patches on the old three-week cadence
-
Microsoft angers admins as April Patch Tuesday delivers password feature without migration guidanceNews Security fixes include a zero day exploited by a ransomware group and seven critical flaws
-
Spanish spyware outfit uncovered, develops exploits for Windows, Chrome, and FirefoxNews Google was only able to discover the company after an anonymous submission was made to its Chrome bug reporting programme
-
Firefox 95 boosts protection against zero-day attacksNews Mozilla's browser now takes a more granular approach to walling off code
-
Mozilla to end support for Firefox Lockwise password managerNews Replacement service already lined up as browser specialist continues to streamline business
-
Firefox available on Microsoft Store for first timeNews Gecko-based browser arrives after Microsoft removes restrictions