In what will be Microsoft’s second ‘out of band’ patch this year, the company will Tuesday release a security update – MS10-018 - to fix the zero day vulnerability that has, of late, been affecting Internet Explorer 6 and Internet Explorer 7, and has been used in targeted attacks over the last few weeks.
The flaw is a consequence of an invalid pointer reference within Internet Explorer (IE); and is accessible after an object is deleted – thereby allowing the hackers to carry out remote code execution attacks. Microsoft had cautioned the users against the attacks in its Security Advisory 981374 – the company’s official March ‘Patch Tuesday’ release.
According to a Monday statement on Microsoft’s official blog, the update will fix as many as nine vulnerabilities, some of which also affect the IE 8. Microsoft also added that the nine vulnerabilities “were responsibly disclosed;” and added that the company is unaware of any active attacks that are targeting these vulnerabilities.
0 comments:
Post a Comment