Microsoft issues out of band IE patch

Microsoft has rolled out a series of patches ahead of schedule for its Internet Explorer browser.

IE logo

Microsoft has issued another patch for Internet Explorer, this time outside of its regular monthly update cycle.

The patch fixes a zero-day flaw in IE6 and IE7 that takes advantage of an invalid pointed reference to allow remote code execution if a user visits a malware-loaded page.

Attackers have already been making use of the flaw, Microsoft said earlier this month.

"We have been monitoring this issue and have determined an out-of-band release is needed to protect customers," communications head Jerry Bryant said on the Microsoft security blog.

Microsoft stressed that most recent browser IE8 was not affected by the flaw, and again urged users to update to that version.

The update will also include fixes for nine other vulnerabilities in the browser, which were going to be released on 13 April as part of the monthly patching cycle - effectively giving admins two big patches to roll out in the next few weeks.

"Some of those also affect Internet Explorer 8," said Bryant. "All of the nine additional vulnerabilities were responsibly disclosed and we are not aware of any active attacks against them."

The patches will roll out later this afternoon, via Microsoft's automatic update process.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020