The patch for the Internet Explorer flaw thought to be behind the Google hack will arrive tonight, Microsoft has said.
Writing on the Microsoft security blog, Jerry Bryant said the patch would be issued as close to 10:00 am PST - 5pm in Britain - as possible.
Advising users to update immediately, Bryant said: "It addresses the vulnerability related to recent attacks against Google and small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicised."
However, Microsoft continued to say that attacks in the wild were only targeting IE6 - not the newer versions of the browser. "Based on our comprehensive monitoring of the threat landscape, we continue to see only limited attacks. To date, the only successful attacks that we are aware of have been against Internet Explorer 6," Bryant noted in the bulletin.
The IE6 vulnerability is thought to be behind the battle between Google and China, and has also lead Germany and France to issue warnings against using the dated browser.
The UK finally warned its own users yesterday, with a Cabinet Office statement saying: "Government departments have been issued an alert on how to deal with this particular incident and to mitigate against vulnerabilities in relation to particular versions of IE."
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
Beat cyber criminals at their own gameWhitepaper A guide to winning the vulnerability race and protection your organization
-
Same cyberthreat, different storyWhitepaper How security, risk, and technology asset management teams collaborate to easily manage vulnerabilities
-
Three steps to transforming security operationsWhitepaper How to be more agile, effective, collaborative, and scalable
-
Should your business start a bug bounty program?In-depth Big tech firms including Google, Apple and Microsoft offer bug bounty programs, but can they benefit smaller businesses too?
-
Accessing the XDR realmWhitepaper A guide for MSPs to unleash modern security
-
Why zero trust strategies failIn-depth Zero Trust is the gold standard for organizations in protecting systems from cyber attacks, but there are many common implementation pitfalls businesses must avoid
-
Sitecore XP RCE flaw is being actively exploited, ACSC warnsNews The vulnerability was fixed last month but hackers are now moving against patching laggards
