Wednesday, December 17, 2008

MICROSOFT RELEASES EMERGENCY PATCH FOR PC
























The Microsoft Corporation is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.

The “zero-day” vulnerability, which came to light last week, allows hackers to take over victims’ machines simply by steering them to infected websites; users do not have to download anything for their computers to get infected, which makes it all the more dangerous. Internet Explorer is the world’s most widely used web browser.

Microsoft said it planned to ship a security update, rated “critical,” for the browser on Wednesday. People with the Windows Update feature activated on their computers will get the patch automatically.

Thousands of websites have already been compromised by hackers looking to exploit the flaw. Malicious codes have been loaded on to those sites, which automatically infect visitors’ machines if they are using Internet Explorer and have not employed a complicated series of workarounds that Microsoft has suggested. Microsoft said it had seen attacks targeting the flaw only in Internet Explorer 7, but has cautioned that all other current editions of the browser are vulnerable.

No comments: