On Wednesday Microsoft announced that it would be releasing an update ahead of its regularly scheduled early February security update. The out-of-cycle patch was necessary to secure a vulnerability that led to Human Rights activists Gmail accounts being hacked in China and which also allowed the Chinese to gain access to intellectual property of Google and other US technology companies. Late Thursday, the announcement became reality as Microsoft released the patch for immediate download to all users of supported Internet Explorer browsers.

.

Comodo Internet Security Pro

.

The weakness, which primarily affects IE6, allowed hackers to download malware to employee computers and gain access to intellectual property at Google as well as information connected to Human Rights activists with Gmail accounts. Some 34 other companies, including Adobe and other tech, financial, and defense companies were targeted by the attack.

Both France and Germany earlier this week recommended that their citizens quit using the browser all together and opt instead for either Mozilla’s FireFox or Google’s Chrome browsers due to the seriousness of the vulnerability. In doing so, Firefox has been able to step in and overtake Microsoft’s IE as the browser of choice in those countries.

If a user were to visit a compromised site using a vulnerable browser, they could become infected with a “trojan horse”, allowing a hacker to take control of thier computer and potentially steal sensitive information. In the last 48 hours, Sophos, a web security firm, has noticed an uptick in new sites attempting to copy the malicious code to exploit the weakness.

According to Microsoft:

“An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

.

Comodo Internet Security protects against all of today’s sophisticated malware threats. Try a 30-day FREE trial of Comodo Internet Security Pro Today.

.

Originally, Microsoft planned to release a fix for the zero-day vulnerability with their next regularly scheduled security patch on February 3. After it became clear that the weakness had led to many well known US corporations, as well as highly sensitive defense companies, being invaded, the push to release before February became necessary. And late Thursday Microsoft released the patch.

The cumulative security update for Internet Explorer fixes the known flaw as well as seven other security vulnerabilities that would allow an attacker to remotely execute code on a victim’s computer. Microsoft recommends that all users of IE6 download the patch. They also recommend updating your browser to IE8 which is said to be one of the safest browsers available. You can download the update and read detailed info about the vulnerability at the Microsoft Security download page.

.

Won’t you donate to the American Red Cross Haiti Relief and Development Fund today? Thank you for your contribution.

.


GoToMeeting - Online Meetings Made Easy

.

.

Technorati Tags:
, , , , , ,