Microsoft's out-of-band IE patch to arrive tonight
Microsoft has rushed out a patch for a flaw in Internet Explorer.


The patch for the Internet Explorer flaw thought to be behind the Google hack will arrive tonight, Microsoft has said.
Writing on the Microsoft security blog, Jerry Bryant said the patch would be issued as close to 10:00 am PST - 5pm in Britain - as possible.
Advising users to update immediately, Bryant said: "It addresses the vulnerability related to recent attacks against Google and small subset of corporations, as well as several other vulnerabilities. Once applied, customers are protected against the known attacks that have been widely publicised."
However, Microsoft continued to say that attacks in the wild were only targeting IE6 - not the newer versions of the browser. "Based on our comprehensive monitoring of the threat landscape, we continue to see only limited attacks. To date, the only successful attacks that we are aware of have been against Internet Explorer 6," Bryant noted in the bulletin.
The IE6 vulnerability is thought to be behind the battle between Google and China, and has also lead Germany and France to issue warnings against using the dated browser.
The UK finally warned its own users yesterday, with a Cabinet Office statement saying: "Government departments have been issued an alert on how to deal with this particular incident and to mitigate against vulnerabilities in relation to particular versions of IE."
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.
Nicole the author of a book about the history of technology, The Long History of the Future.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
Vulnerability management complexity is leaving enterprises at serious risk
News Fragmented data and siloed processes mean remediation is taking too long
By Emma Woollacott
-
Beat cyber criminals at their own game
Whitepaper A guide to winning the vulnerability race and protection your organization
By ITPro
-
Same cyberthreat, different story
Whitepaper How security, risk, and technology asset management teams collaborate to easily manage vulnerabilities
By ITPro
-
Three steps to transforming security operations
Whitepaper How to be more agile, effective, collaborative, and scalable
By ITPro
-
Should your business start a bug bounty program?
In-depth Big tech firms including Google, Apple and Microsoft offer bug bounty programs, but can they benefit smaller businesses too?
By Kate O'Flaherty
-
Accessing the XDR realm
Whitepaper A guide for MSPs to unleash modern security
By ITPro
-
Why zero trust strategies fail
In-depth Zero Trust is the gold standard for organizations in protecting systems from cyber attacks, but there are many common implementation pitfalls businesses must avoid
By Sandra Vogel
-
Sitecore XP RCE flaw is being actively exploited, ACSC warns
News The vulnerability was fixed last month but hackers are now moving against patching laggards
By Rene Millman