Microsoft has issued an emergency patch update in order to fix a zero-day bug affecting Internet Explorer, which has been exploited by hackers targetting IE 6 and 7 users.
The update was initially going to be issued as part of April’s Patch Tuesday release and actually includes fixes for a total of 10 IE vulnerabilities. Only the zero-day, however, has been reported as under attack.
“If administrators used any of the workarounds suggested in the security advisory (KB981374) that prompted this out-of-band release, it is important for them to un-apply the workarounds,” Jason Miller, data and security team manager at Shavlik Technologies, said in a statement. “This will restore functionality that was lost due to the temporary fix.”
Of the remaining vulnerabilities, only three affected IE 8. However two of those – an uninitialized memory corruption issue (CVE-2010-0490) and an HTML object memory corruption vulnerability (CVE-2010-0492) – are rated “critical.”
“With any zero-day exploit that is being actively targeted, it is critical for administrators to patch their systems as soon as possible,” Miller said. “Some patch maintenance cycles are scheduled over weekends to accommodate the known downtime. While many are planning for a long holiday weekend, administrators should not wait to patch this until next week as we know that hackers won’t be taking the weekend off.”
Intel shares sag after company shares gloomy revenue predictions, as data centre chip demand hit…
Germany's Tuta Mail says Google broke EU's new DMA rules with March algorithm update that…
US auto safety regulator opens new investigation into adequacy of Tesla Autopilot recall, saying it…
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…