Friday, September 21, 2012

IE Fix shipped by Microsoft on Sep 20, 2012

Microsoft will ship an out-of-band security update toady for the zero-day Internet Explorer exploit discovered over the weekend by IT security advisor Eric Romang. The remote code execution vulnerability affects all versions of IE from IE 6 to IE 9 and is considered serious, as it could allow an attacker to launch arbitrary code using a specially crafted website designed to exploit the security flaw.

And we reported earlier this week, the presence of a working exploit released early in the week for Metasploit made it all the more serious. Metasploit is a widely-used penetration-testing suite that is popular with penetration testers and hackers. At that time, Microsoft (NASDAQ: MSFT) offered some mitigation tips, which were followed by a one-click "Fix it for me" automated workaround that does not require a system reboot.
Read more: Microsoft to ship permanent fix for IE Friday - FierceCIO:TechWatch 

or the related article at



Share It

Popular Posts