Microsoft Finally Fixes Internet Explorer Zero-Day Flaw – Patches 9 Other Vulnerabilities Along With It

As expected, Microsoft has released an out-of-band update to fix critical vulnerabilities present in all versions of Internet Explorer. This cumulative update includes as many as ten patches, including one for the critical Iepeers.dll vulnerability discussed earlier.

The afore mentioned vulnerability is currently being widely exploited by hackers to infect systems through drive-by downloads. In other words if you system is unpatched, simply visiting a compromised website is sufficient to get infected.

This is the second time this year that Microsoft has been forced to issue an out-of-band update. Earlier in January, it had issued an unscheduled update to fix a vulnerability, which was exploited in Operation Aurora. Microsoft Security Response group manager Jerry Bryant said, “Releasing the update early provides Internet Explorer 6 and 7 customers protection against the active attacks and provides users of all versions of Internet Explorer protection against nine other vulnerabilities”.

As mentioned earlier, this update applies to all versions of Internet Explorer. Most of the patches issues are critical or important. This patch does not however, fix the vulnerability that was exploited in the recent Pwn2Own competition to compromise a fully patched Windows 7 system.

Users who have disabled automatic update can download the appropriate files from here.

Don’t miss these Related Posts:

• Microsoft Releases Workaround For Internet Explorer 0-Day Vulnerability
• Things Just Got Worse For Internet Explorer Users: Unpatched Exploit Code Released
• Emergency IE6 and IE7 Security Patch Will Be Released Tomorrow
• Opera 10.01 Released – Fixes Multiple Security Vulnerabilities
• Stop Using Internet Explorer Right Now

Join Techie Buzz on Your Favorite Social Networking Sites

• Become a Techie Buzz fan on Facebook
• Follow Techie Buzz on Twitter