TechNews

Microsoft's emergency patch for IE

18 December 2008, 18:00 PM

Afp, San Francisco

Microsoft on Wednesday released an emergency patch to fix a perilous software flaw allowing hackers to hijack Internet Explorer browsers and take over computers. The US software giant said security update MS08-078 addresses a vulnerability cyber-criminals can exploit to their advantage. "Microsoft encourages all IE customers to test and deploy this update as soon as possible," said Microsoft security response communications head Christopher Budd. The threat led Microsoft to mobilize security engineering teams worldwide to deliver a software cure "in the unprecedented time of eight days." According to researchers at software security firm Trend Micro, attacks based on the vulnerability in the world's most popular Web browser were spreading "like wildfire" with millions of computers already compromised. Microsoft typically releases patches for its software on the second Tuesday of each month and rushing this fix to computer users out-of-cycle is testimony to the severe danger of the threat, according to Trend Micro. "People should run, not walk, to get it installed," said Trend Micro advanced threat researcher Paul Ferguson. "This vulnerability is being actively exploited by cyber-criminals and getting worse every day." The IE software patch will be automatically applied to hundreds of millions of personal computers due to standard update settings in the machines, according to Microsoft Security Response Alliance director Mike Reavey. Wednesday morning, business networks using IE began getting the critical fix through routine patching processes. Reavey said Microsoft went into "emergency response" mode on December 9 after it first learned of the attacks on IE browsers. A day later, Microsoft published a security advisory that "listed workarounds that blocked all known attacks." "Over the course of the next eight days, this advisory was updated five times, adding newer workarounds and mitigations," Reavey said. "We also continually monitored the threat environment, noting when the attacks began to change in nature and scope."

For all latest news, follow The Daily Star's Google News channel.

Click to comment

Why was 1/11 figure Masud Uddin arrested?

Even during Eid holidays, pressure persists at petrol pumps

Iran claims strike on Israel using Sejjil missile travelling 13× speed of sound

Editor's Pick

Interactive / Operation Searchlight: The night hell opened over Dhaka

Independence and its discontents: For whom was 1971?

The black flag at Rajshahi and the officer who chose conscience

Middle East war: Global economic fallout

Govt buys LNG at lower rates as global prices cool

Microsoft's emergency patch for IE

For all latest news, follow The Daily Star's Google News channel.

Comments

Related News

AI to power Google's battle against fake news

Microsoft to unplug Internet Explorer as it seeks edge in browser war

Launching Ceremony of “Probashi” App

Instagram disables hundreds of accounts tied to hacking of 'OG' usernames

Introducing Team Bangladesh: World champions of ‘First Global Challenge’ robotics competition