Microsoft patching "Google hack" flaw in IE tomorrow

@ 2010/01/21
Microsoft has issued an Advanced Notification for the out-of-band security bulletin it is releasing tomorrow for Internet Explorer at approximately 10 am PST. The patch will fix vulnerabilities in IE6, IE7, and IE8 on supported editions of Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2—vulnerabilities notably exploited in the recent series of Chinese-based attacks against Google and 30 other tech companies.

Microsoft has previously insisted that the publicly posted exploit code only affects IE6 and as such recommended its users to upgrade. While the software giant says the attacks it sees in the wild are still only successful against IE6, Redmond has rated the flaw "Critical" for all versions of the browser.

Comment from jmke @ 2010/01/21
The flaw works on all IE version if you have DEP disabled; IE6 doesn't have DEP; IE7 has it, but disabled by default. IE8 has it, enabled by default.
http://en.wikipedia.org/wiki/Data_Execution_Prevention

 

 

Copyright © 2001-2011 Madshrimps, All rights reserved.
Graphic Design by Dennis Kestelle, Programming by Maarten Menten, Overall Site design by John Meys

All information and graphics contained in Madshrimps are sole property of the Madshrimps crew and may not be reproduced or copied in any manner without written permission from us.

Madshrimps