Hole in Internet Explorer: Good news and bad news
According to reports, Microsoft plans to release an emergency patch to close the hole in Internet Explorer that has been exploited for attacks on vendors, such as Google, before the end of this week. The patch is currently undergoing quality assurance testing.
One can only hope that Microsoft will deliver, as the likelihood of successful attacks is increasing. Microsoft's IE exploitability assessment, which states that it's mainly the users of Internet Explorer 6 under Windows 2000 and XP that are at risk, has been contradicted by several security specialists. Microsoft currently recommends that users switch to Internet Explorer 8 because, although this version is vulnerable, they say the hole cannot be exploited while the Data Execution Prevention (DEP) feature is enabled.
Microsoft say they are not currently aware of any criminals exploiting the hole for deploying malware such as trojans via drive-by downloads. Nevertheless, it is advisable to use an alternative browser such as Firefox or Opera until an update has been released.
- UK Government won't issue Internet Explorer warning, a report from The H.
- Targeted attacks on businesses continue, a report from The H.
- US to protest against Chinese hacker attacks, a report from The H.
- Warning over using Internet Explorer from German Government as exploit goes public, a report from The H.
- Security update released for Adobe Reader and Acrobat, a report from The H.
- Google considers closing its Chinese operation, a report from The H.
- US report: China is expanding its corporate cyber espionage, a report from The H.
- Infiltrated Chinese software spies on Tibetan government in exile's computers, a report from The H.
- F-Secure advises against using Adobe Reader, a report from The H.