 |
 |
|
|
 |
 |
You are here: News > News > Microsoft is rushing a remedy patch for vulnerability
| » IT Security NEWS |
| » 15 March 2010 |
| Microsoft is rushing a remedy patch for vulnerability |
A hazardous vulnerability was detected in the Internet Explorer (IE) security and Microsoft is currently trying out the update for this one. The company announced that this will be released even before the update, which was supposedly planned on Tuesday.
Based on an announcement made by Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC), there is a possibility that Microsoft might send out an emergency patch regarding the said lapse in the IE’s security apart from the mainstream update. The users are also assured that the Microsoft team is currently doing its best in order to remedy the vulnerability and the soon-to-be released update is already being examined closely.
IE lapses are being illegally controlled
There had been warnings, made on Tuesday, considering the faults in the Internet Explorer version 6 and 7. And, the hackers are already abusing these vulnerabilities by manipulating the identified bug.
Moshe Ben Abu, a security researcher based in Israel, was able to take hold of the attack code from a certain website, which is used to carry out “drive-by” attacks. And then, the Israeli researcher distributed the said exploit to the Metasploit penetration testing framework.
However, even before the Israeli security researcher published the said exploit, experts were already convinced that Microsoft will make an out-of-band update in order to fight the attack code.
There is still no clarity whether Microsoft will release its fix patch but there is a great chance for an out-of-band update, according to Bryant. It was also explained that the extensive examination of the update takes huge amount of time from the whole process since it will be the basis whether the update is helpful or not. Moreover, this will verify if the update will be applicable for the recent versions of Internet Explorer since only these versions possess the hazardous bug.
Instant remedy may be applied
Microsoft released an automated “Fix it” tool for the users in order to avoid the damaging effect of the part of the iepeers.dll where the flaw was originally found. This tool may be used in computers with the systems of either Windows XP or Windows Server 2003.
This is just one of the solutions suggested by Microsoft in order to repair the said fault. Three other solutions were announced and these are: disabling of scripts, enabling of the data execution prevention (DEP), and updating the version of the browser into Internet Explorer 8.
Microsoft has been the desired target of hackers based on the fact that it is already the second time this year in which the vulnerabilities of IE were exploited even before a scheduled update. Google and Adobe are two of the many other companies, which became victims of the attack caused by the occurrence of the lapses in the IE. In order to resolve the problem, Microsoft made an out-of-band patch on January 21.
Microsoft plans to release the update a few weeks from now on April 13, 2010.
|
 |
| Click Here For Web Shop |
 |
Subscribe to our Mailing List |
|
Customer References | |
|
||
| More satisfied customers | ||
|
aAwards & Reviews | |||||||
|
||||||||
| View more awards.. | ||||||||
|
Free Services |
Free WiFi Security Guide