Microsoft issues emergency patch for IE flaw

Microsoft is being forced to step in and patch up the hole at the centre of the battle between Google and China.

patched computer

Microsoft is to release an emergency patch for the Internet Explorer (IE) flaw that has seen Google and several other major companies hacked over recent months, saying it has little choice given the "escalating threat environment".

Despite claiming that only the ageing Internet Explorer 6 is vulnerable to the attacks, and that they are very limited in nature, the company is nonetheless issuing an out-of-cycle update across the board.

Earlier this week, Microsoft urged users of its IE software to update to the latest version, Internet Explorer 8, but in doing so was forced to concede that both versions 7 and 8 of the software were also vulnerable to the IE6 security flaw that has left US computing giant Google and the Chinese government in a high-profile standoff.

In making the admission, Microsoft was quick to stress that it had not seen successful attacks against IE7 or IE8 as yet, but its researchers had proved the possibility was there.

Writing on the Microsoft Security Response Center blog yesterday, Trustworthy Computing Security general manager George Stathakopoulos said: "Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability."

The exact timing of the release will be known later today, but with the next monthly Patch Tuesday window still three weeks away, Microsoft has little choice to break its traditional update protocol.

"We take the decision to go out-of-band very seriously given the impact to customers, but we believe releasing an update out-of-band update is the right decision at this time," Stathakopoulos wrote.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021