Microsoft has issued an emergency patch update in order to fix a zero-day bug affecting Internet Explorer, which has been exploited by hackers targetting IE 6 and 7 users.
The update was initially going to be issued as part of April’s Patch Tuesday release and actually includes fixes for a total of 10 IE vulnerabilities. Only the zero-day, however, has been reported as under attack.
“If administrators used any of the workarounds suggested in the security advisory (KB981374) that prompted this out-of-band release, it is important for them to un-apply the workarounds,” Jason Miller, data and security team manager at Shavlik Technologies, said in a statement. “This will restore functionality that was lost due to the temporary fix.”
Of the remaining vulnerabilities, only three affected IE 8. However two of those – an uninitialized memory corruption issue (CVE-2010-0490) and an HTML object memory corruption vulnerability (CVE-2010-0492) – are rated “critical.”
“With any zero-day exploit that is being actively targeted, it is critical for administrators to patch their systems as soon as possible,” Miller said. “Some patch maintenance cycles are scheduled over weekends to accommodate the known downtime. While many are planning for a long holiday weekend, administrators should not wait to patch this until next week as we know that hackers won’t be taking the weekend off.”
Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…
Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…
OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…
New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…
US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…
Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…