ID: IRCNE2013011715
Date: 2013-01-01
According to "cnet", Microsoft issued a fix today for a zero-day vulnerability in older versions of Internet Explorer that could allow attackers to gain control of Windows-based computers to host malicious Web sites.
The company confirmed Saturday that it was investigating a remote code execution vulnerability in IE 6, IE 7, and IE 8 that could allow an attacker to use the corrupted PC to host a Web site designed to exploit the vulnerability with other users. Versions of the browser after IE 8 are unaffected, Microsoft said.
Microsoft said in an update to that security advisory that it has developed a one-click fix that prevents the vulnerability from being exploited without affecting users' ability to browse the Web. Microsoft also said the fix doesn't require a reboot.
"While we have still observed only a few attempts to exploit this issue, we encourage all customers to apply this fix it to help protect their systems," Dustin Childs, group manager for Microsoft's Trustworthy Computing, said in a statement.
Related Link:
Microsoft confirms zero-day bug in IE6, IE7 and IE8
- 2