Jump to content


anyweb

Microsoft confirms plan to release out-of-band IE update

Recommended Posts

Posted by Ed Bott @ 12:05 pm

 

I just spoke with George Stathakopoulos, General Manager of Trustworthy Computing Security at Microsoft, regarding the ongoing security issue affecting Internet Explorer. (For background, see my earlier post, It’s time to stop using IE6. For an update on the vulnerability and its impact, see this Zero Day blog post from ZDNet’s Ryan Naraine.)

 

According to Stathakopoulos, a security update for all versions of Internet Explorer will be released “out of band” - that is, earlier than the next regularly scheduled update cycle on Patch Tuesday, February 9. The update is currently undergoing testing, and Microsoft expects to announce a release schedule tomorrow, January 19.

 

Separately, Gregg Keizer at ComputerWorld reports that French security researchers claim to have circumvented the Data Execution Prevention security feature and executed their own exploit code on Internet Explorer 8 with DEP enabled. A Microsoft spokesperson says they are investigating those claims and “will take appropriate action to help protect customers.”

 

Stathakopoulos reiterated that Microsoft so far has seen only “very limited and targeted attacks” and confirmed that the only successful attacks have been against IE6.

 

via > http://blogs.zdnet.com/Bott/?p=1651

Share this post


Link to post
Share on other sites



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.