Microsoft issues emergency patch for IE flaw

Microsoft is being forced to step in and patch up the hole at the centre of the battle between Google and China.

patched computer

Microsoft is to release an emergency patch for the Internet Explorer (IE) flaw that has seen Google and several other major companies hacked over recent months, saying it has little choice given the "escalating threat environment".

Despite claiming that only the ageing Internet Explorer 6 is vulnerable to the attacks, and that they are very limited in nature, the company is nonetheless issuing an out-of-cycle update across the board.

Earlier this week, Microsoft urged users of its IE software to update to the latest version, Internet Explorer 8, but in doing so was forced to concede that both versions 7 and 8 of the software were also vulnerable to the IE6 security flaw that has left US computing giant Google and the Chinese government in a high-profile standoff.

In making the admission, Microsoft was quick to stress that it had not seen successful attacks against IE7 or IE8 as yet, but its researchers had proved the possibility was there.

Writing on the Microsoft Security Response Center blog yesterday, Trustworthy Computing Security general manager George Stathakopoulos said: "Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability."

The exact timing of the release will be known later today, but with the next monthly Patch Tuesday window still three weeks away, Microsoft has little choice to break its traditional update protocol.

"We take the decision to go out-of-band very seriously given the impact to customers, but we believe releasing an update out-of-band update is the right decision at this time," Stathakopoulos wrote.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020